search

port 80

http://10.129.70.5/?file=home.php

The page is very normal. Looks like no link is present here.

We can see that the URL is accepting other values. We can try vulnerabilities like LFI or directory traversal.

As we can see the Time To Live (ttl) is close to 64. It means that the underlying OS is Linux.

hashtag
Looking at hidden directory

hashtag
Directory traversal.

This worked.

We can load files directly as well.

hashtag
Check for LFI, RFI or DT.

Let's check if it is LFI or RFI or if only directory traversal is possible.

Using Wappalyzer we confirmed that the underlying system is using Apache HTTP server 2.4.29. {Same thing we can see in the Nmap result.}.

PreviousIncluded - starting pointNextTFTP [Initial Access]

Last updated

Was this helpful?