File Inclusion 500 Internal Server error

Good morning,
Just wondering if anyone has done the File Inclusion module ever since it was redone (3/25). I’m at the last part (Skills Assessment) and every time I tried to cat a file on “the log place”*, the server would return a 500 on the next Send in BurpSuite. Anything other than ls or whoami would return a 500. It didn’t use to do this IIRC.

*: “the log place” being that one place where you can see the results of your commands. If you’ve done it, you know where it is.

EDIT: Used another method which made cat more stable. That worked instead.

DM me the line you are using that gives you the 500 error if you don’t mind.
-onthesauce

Dm-ed

I am wondering if I’m having a similar issue.

I am trying the Academy, page 2 of File Inclusion, called “Local File Inclusion (LFI)” and the images in the training/guidance section are broken. Also, I am not able to practice on any “target” machine… Has the recent update broken this module?

I have watched a video, and looked at other forums posts to see if I’m doing it right, and I believe I am: “/etc/passwd” as the value of the “language” url param has no server response,server timeout. Any other param value reloads the webpage but with no content inside the “container”.

The images are loading fine for me. How is your connection speed and are you using the pwnbox? I know that certain VPN services and servers also affect my load times for the pwnbox and target machines.
-onthesauce

Really? I wonder why. I’ve tried via a few different computers. My connection is fine, and no VPN is involved. I just cannot see any of the images in the “academy” training/education page (before jumping into a pwnbox). Here’s the url to the first image in page 2 of the education module: https://academy.hackthebox.com/module/storage/modules/23/basic_lfi_lang.png

Also, the activity to earn cubes doesn’t seem to work either. I’ve tried the LFi techniques via the pwnbox in addition to VPN from my own machine.