Second-Order LFI

noyse_dog · January 12, 2024, 9:25am

Good morning everyone, I’m trying to perform the exercise on second-order LFIs, the code provided is the same as the one proposed as an example in the explanation, but when I try to do the necessary steps I don’t get the contents of the flag file.
The steps are very simple:

I rename one of the files to ‘flag’
I rename the user to ‘../admin’
I select the new flag file and I should get the contents, but this is not the case

I went up the file system up to 7 levels, but I got nothing, I also tried to rename the user /home/admin but again nothing to do.
Maybe the filename isn’t ‘flag’, I’m pretty much at a standstill. Do you have suggestions? Where am I doing wrong?

noyse_dog · January 13, 2024, 1:55pm

I just found it…

XjHU · April 6, 2024, 9:37pm

can you please tell us what was the problem? I’m with the same problem

ItsSixtyNein · July 27, 2024, 3:54pm

Leaving this for others who are stuck.
Think about the path of the file and where its really at.

s4n17y · November 13, 2024, 2:56am

Any more hints about the flag name or the file path?

Revels · November 21, 2024, 5:20pm

Here’s the hint: it’s related to admin, and you need to figure out how to access it. Everything is located in the same directory. Don’t complicate things by going to the root directory; there’s nothing there.

gem32167 · April 29, 2025, 2:48pm

i am stuck on the same thing, i tried flag ../../../../../../root but it didnt work

gem32167 · April 29, 2025, 3:02pm

so i tried flag and ../admin all the way to ../../../../../admin
and it didnt work

gem32167 · April 29, 2025, 3:16pm

got the flag