what is song?
thetmyster 2 years ago
And the img.php?img=../img.php is technically meaning to bypass that file. And you find it via google dorks. DUR.
HackingTut0rials 3 years ago
sorry dude but I don't think a page with file_get_contents which lets you access the root directory or one dir up, or doesn't even check the file-to-read's extension is protected very well
I'm not saying your method is impossible, just that you have to be very "lucky" to find such files
DeNederlander 3 years ago
LFI is common. You guys need to learn your own extensions. The site this was done on gave us +++++ security, because the owner of the site had a host stashed in it once we got in the mysql.
Learn your security because LFI is sometimes used for shells, and RFI is familiar and you can use RFI to upload a shell.
lrn2hax. kkthxbai.
HackingTut0rials 3 years ago
good luck finding such files with zero security
maybe you could make a tutorial about how you can find upload services that don't have a file extension check so you can upload php scripts so you can remove their directories
that will show them offering free upload space for free
DeNederlander 3 years ago
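
The thread above turns on an image script that hands a request parameter to file_get_contents with no directory check and no extension check. As an added example (not code from the video or from any commenter), here is a version of such a script with both checks in place. The names IMAGE_DIR, ALLOWED_TYPES and resolve_image, and the images/ directory layout, are assumptions made for illustration.

```php
<?php
// Added example: hardened image-serving script for a URL of the form img.php?img=<name>.
// IMAGE_DIR, ALLOWED_TYPES and resolve_image() are hypothetical names chosen for this example.
const IMAGE_DIR = __DIR__ . '/images';
const ALLOWED_TYPES = [
    'png'  => 'image/png',
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'gif'  => 'image/gif',
];

// Map a user-supplied name to [absolute path, MIME type] inside IMAGE_DIR, or null if rejected.
function resolve_image(string $name): ?array
{
    // Only a bare file name is accepted: no NUL bytes, no directory components.
    if ($name === '' || strpos($name, "\0") !== false || basename($name) !== $name) {
        return null;
    }
    // Extension allowlist: img.php, .htaccess, config files and so on are never served.
    $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, ALLOWED_TYPES)) {
        return null;
    }
    // realpath() resolves ".." and symlinks; the result must still sit under the base directory.
    $base = realpath(IMAGE_DIR);
    $path = realpath(IMAGE_DIR . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0
        || !is_file($path)) {
        return null;
    }
    return [$path, ALLOWED_TYPES[$ext]];
}

// A non-string parameter (for example img[]=x) is treated as missing.
$param = $_GET['img'] ?? '';
$resolved = is_string($param) ? resolve_image($param) : null;
if ($resolved === null) {
    http_response_code(404); // same response for "rejected" and "not found"
    exit;
}
[$path, $type] = $resolved;
header('Content-Type: ' . $type);
header('X-Content-Type-Options: nosniff');
readfile($path);
```

With this in place a request such as img.php?img=../img.php fails the bare-file-name check before any file is opened, and a name that passes it is still rejected unless it resolves to an allowlisted image type inside IMAGE_DIR.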