Web Attacks - Advanced File Disclosure

Please could someone give me a tip to help complete the challenge at the end of the Advanced File Disclosure Section

I’ve tried both methods to try and find flag.php. When I use either method I can get the other PHP pages to show up fine, I can view system files, but for some reason I can’t find the flag. This makes me believe it might be contained in a subdirectory that I don’t know the name of. I’ve already tried fuzzing for different directories but this still isn’t helping.

Any help would be appreciated.

hi @Theonly_wilko
…am not even able to view the system files in the response…
In my local DTD file, I kept it as echo ‘’ > xxe.dtd
Also, in my request I append the piece of code given in the module, changing the IP and port alone…
Can you tell me whether I should append anything in the local DTD file, as the hint says: "Don’t forget to point the ‘file’ to the flag in your local DTD file."

1 Like

Hey guys!!! I’ve finally solved it!!! DM if you need any help

1 Like

Sorry I didn’t see this. I’m glad you got it in the end!

Hi bhatty, how are you doing? Could you please drop a hint on this? Thanks in advance!


I do not understand why it is not working like in the course. Even the first thing is not working.

There was the need to change the content too and not keep the original content

1 Like

Hello Everyone, I am also stuck at this point

Can anyone help, please?

Thank You