File Inclusion / Directory Traversal

it says “Using the LFI to RCE vulnerability run the command ‘uname -a’. Submit just the Linux Kernel version number as your answer (i.e. Debian 3.19.42-2)”

I’m stuck in this part, I already have the answer but I put it as the example asks for it and marks it as incorrect, does anyone know the format in which I have to put it?

I spent an hour trying to figure this out too. Seeing the date on the kernel version got me suspecting that someone updated it without changing the validation in the academy. So I went to Debian Package Tracker and started trying earlier versions of the same x.xx version and got the right one after a few tries.

This is definitely a bug in the academy.

it might be worth raising a jira ticket so HTB support can fix this. I don’t know how well maintained the academy labs are.

@TazWake said:
it might be worth raising a jira ticket so HTB support can fix this. I don’t know how well maintained the academy labs are.

I did that, thanks for the tip!

Type your comment> @Jac0lius said:

I spent an hour trying to figure this out too. Seeing the date on the kernel version got me suspecting that someone updated it without changing the validation in the academy. So I went to Debian Package Tracker and started trying earlier versions of the same x.xx version and got the right one after a few tries.

This is definitely a bug in the academy.

Thank you, i’ll try to figure out

Got a reply from the jira ticket saying they updated the question, so this should be now fixed.