HackTheBox – Nineveh
Marceli Only http/https ports are opened
Local file inclusion
HackTheBox – Poison CTF walkthrough
pwdbackup.txt looks interesting I checked it with CyberChef and didn't get any "magic" hint. Later I will decode it There is a LFI access.log is accessible I don't have permissions…
HackTheBox – Included CTF walkthrough
After going to http site, user is being redirected to: So I decided to try /etc/passwd Host is vulnerable to local file inclusion There are users related to tftp service…