is it normal that /etc/passwd does not return the complete content?
or is my php filter wrong?
Mine does the same thing.
Well, I've got the exploit modified and running, no errors… but no RCE, just tells me it failed. Any advice from someone who got it to work for the foothold?
tbh, I'm also not sure why some filter resulted in failed or file not accepted.
but there is a repo on GitHub that automates the LFI for reading files, you can check the working PHP filter from the script there.
I'm running into the same thing. Always missing either 4 or 5 characters from whatever I try to read.
Reading through the rest of the exploit, I think that's going to turn into a problem. Would be great to DM somebody that got past this part
Feel free to write me in the DMs
What's the C***T poc you are all referring to? Based on the target stack, I followed two attack vectors without any luck but nothing named C***T related to an LFI for this app. I feel like I am missing something on how to trigger RCE
I have the same problem here, always missing 4 or 5 characters. To avoid that, I'm trying to combine the exploit with wrapwrap.
Am I on the right track?
Missing characters are not a problem for the exploit itself
So, here's the problem: there's a lib I can't download as a whole. It looks truncated because of the PHP response limit, so I can't extract the symbol address because of the corrupted file. Am I doing it correctly?
The few bytes not downloaded of the libc are not a problem. In any case you can get a valid libc in other ways.
hey, are you talking about extracting the png? Because I have tried that and it doesn't seem to work, how did you do it?
do you mind sharing how to do that? I chose the hard way: I'm actually trying to force the extraction of the symbol from the corrupted file using a python script, but no luck… it can't get the accurate address
There is a series of 3 articles on ambionics that cover the PoC we are talking about.
The characters missing are due to the characters you add at the front. It's talked about in one of the articles. For the 2 big files you need to download for the PoC, they should not be an issue, at least they weren't for me. Granted my exploit isn't working yet, but I am getting through the parts where those files are used.
Thanks v1nd1c4t10n,
Someone pointed me to the article and the associated repositories. Struggling to adapt it like most of you, I guess
I am really struggling with the z**b filter. Any hint on how to adapt the PoC?
Me too
the ambionics articles are at the base and then some more
rooted
it's beyond INSANE
Do you have any hint about Z**b and how to adapt the PoC, if it's the correct path?
Thks