This is my first time submitting a discussion and hope I’am submitting it in right place and category.
Yesterday when I tried to exploit the Nineveh machine I stacked in LFI vulnerability and I realized something stranger in LFI and what made me more surprised when I saw a walkthroughs of this machine.
Actually, what I saw are some people could exploit the LFI in different dirctory path. For Example:
The original path:
Some people can go to specific path directory instead of files/ninevehNotes.txt :
Others, can do it in this way:
Also, by deleting the Files parameter:
For me the last method worked fine with me while others do NOT.
How did this happen?
Why the others methods didn’t work?
Hope someone explain it to me, actually I spend all the day just to understand this part
Thanks in advance.