Faculty HTB - [DISCUSSION]
Bumper111 Wrote: For file read https://medium.com/@jonathanbouman/local-file-inclusion-at-ikea-com-e695ed64d82f

Exa Wrote: Nice, this one works for me. Minus the backslashes:

Anandu Wrote: Sending it base64'd via /admin/download.php or adding entry in faculty.php?

Exa Wrote: Sending via /admin/download.php: https://gchq.github.io/CyberChef/#recipe=URL_Encode(false)URL_Encode(false)To_Base64('A-Za-z0-9%2B/%3D')&input=PGFubm90YXRpb24gZmlsZT0iL2V0Yy9wYXNzd2QiIGNvbnRlbnQ9Ii9ldGMvcGFzc3dkIiBpY29uPSJHcmFwaCIgdGl0bGU9IkF0dGFjaGVkIEZpbGU6IC9ldGMvcGFzc3dkIiBwb3MteD0iMTk1IiAvPgpdf=JTI1M0Nhbm5vdGF0aW9uJTI1MjBmaWxlPSUyNTIyL2V0Yy9wYXNzd2QlMjUyMiUyNTIwY29udGVudD0lMjUyMi9ldGMvcGFzc3dkJTI1MjIlMjUyMGljb249JTI1MjJHcmFwaCUyNTIyJTI1MjB0aXRsZT0lMjUyMkF0dGFjaGVkJTI1MjBGaWxlOiUyNTIwL2V0Yy9wYXNzd2QlMjUyMiUyNTIwcG9zLXg9JTI1MjIxOTUlMjUyMiUyNTIwLyUyNTNF

fironeDerbert Wrote: When I upload it I got the pdf but the pdf is blank...

Open the sidebar if you are using Firefox.
Reply
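
For log review of the encoding discussed in the post above (Base64 over double URL-encoded HTML), this added example, which is not code from any poster in the thread, reverses the layers and lists any files requested through `<annotation file=...>` tags. The function names and both sample values are constructed for illustration.

```python
import base64
import re
from urllib.parse import quote, unquote

# Matches an <annotation> tag carrying a file="..." attribute, the construct
# the thread's payload uses to attach a server-side file to the generated PDF.
ANNOTATION_FILE = re.compile(
    r"<annotation\b[^>]*?\bfile\s*=\s*[\"']?([^\"'\s>]+)", re.IGNORECASE
)

def decode_layers(value, max_rounds=5):
    """Base64-decode, then URL-decode until the text stops changing."""
    try:
        text = base64.b64decode(value, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None  # not valid Base64 / not text: nothing to inspect
    for _ in range(max_rounds):
        decoded = unquote(text)
        if decoded == text:
            break
        text = decoded
    return text

def annotation_files(value):
    """Return the file paths requested by <annotation file=...> tags."""
    html = decode_layers(value)
    if html is None:
        return []
    return ANNOTATION_FILE.findall(html)

def _as_logged(html):
    # Constructed helper: reproduces the layering named in the thread's
    # CyberChef recipe so the samples below look like a logged value.
    return base64.b64encode(quote(quote(html)).encode()).decode()

# Constructed samples (not captured traffic).
SAMPLE_ANNOTATED = _as_logged(
    '<annotation file="/etc/passwd" content="/etc/passwd" icon="Graph" '
    'title="Attached File: /etc/passwd" pos-x="195" />'
)
SAMPLE_BENIGN = _as_logged("<h1>Course list</h1><table><tr><td>Math</td></tr></table>")

if __name__ == "__main__":
    for name, value in [("annotated", SAMPLE_ANNOTATED), ("benign", SAMPLE_BENIGN)]:
        hits = annotation_files(value)
        print(name, "ALERT" if hits else "ok", hits)
```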
(July 2, 2022, 10:29 PM) Anandu Wrote:
(July 2, 2022, 10:25 PM) Erik Wrote: So we're supposed to read mails from gbyolo, anyone has any idea how to?


You need to read the DB pass from file and use it as pass to gbyolo profile on system to esc further.


Yeah mb managed to get there after looking for some time, thanks though. I'm looking at meta-git RCE right now, dunno if it'll work
Reply
you guys are awesome
Reply
(July 2, 2022, 10:11 PM) Bumper111 Wrote: SSH for user: developer


Don't post it lol
Reply
@Bumper111
Don't put SSH key like this, that only helps leakers.

@Internetdreams
Agree with your thoughts and comments.
From my side I continue to support some members like Exa, John01, NoobHTB...
But if you have any idea to reduce leakers and have a way to have a section for real sharing only for people that share findings to level up together, I'm listening.
Reply
Bumper111 Wrote: For file read https://medium.com/@jonathanbouman/local-file-inclusion-at-ikea-com-e695ed64d82f

Exa Wrote: Nice, this one works for me. Minus the backslashes:

Anandu Wrote: Sending it base64'd via /admin/download.php or adding entry in faculty.php?

Exa Wrote: Sending via /admin/download.php. https://gchq.github.io/CyberChef/#recipe=URL_Encode(false)URL_Encode(false)To_Base64('A-Za-z0-9%2B/%3D')&input=PGFubm90YXRpb24gZmlsZT0iL2V0Yy9wYXNzd2QiIGNvbnRlbnQ9Ii9ldGMvcGFzc3dkIiBpY29uPSJHcmFwaCIgdGl0bGU9IkF0dGFjaGVkIEZpbGU6IC9ldGMvcGFzc3dkIiBwb3MteD0iMTk1IiAvPgpdf=JTI1M0Nhbm5vdGF0aW9uJTI1MjBmaWxlPSUyNTIyL2V0Yy9wYXNzd2QlMjUyMiUyNTIwY29udGVudD0lMjUyMi9ldGMvcGFzc3dkJTI1MjIlMjUyMGljb249JTI1MjJHcmFwaCUyNTIyJTI1MjB0aXRsZT0lMjUyMkF0dGFjaGVkJTI1MjBGaWxlOiUyNTIwL2V0Yy9wYXNzd2QlMjUyMiUyNTIwcG9zLXg9JTI1MjIxOTUlMjUyMiUyNTIwLyUyNTNF

I have nothing in /home/developer/.ssh/id_rsa
mPDF Error: Cannot access file attachment - /home/developer/.ssh/id_rsa
Reply
(July 2, 2022, 10:29 PM) Anandu Wrote:
(July 2, 2022, 10:25 PM) Erik Wrote: So we're supposed to read mails from gbyolo, anyone has any idea how to?


You need to read the DB pass from file and use it as pass to gbyolo profile on system to esc further.


Where can I find this DB? I don't have the root directory for the page.
Reply
Thanks
Reply
I now see it as pointless when just SSH keys or passwords are given; people don't learn. Helping people is much better.
Reply
Where was the SSH key?
~/.ssh/id_rsa is not the correct path I guess
Reply

