Let's check out the image URI.
We can intercept the request for this image in Burp Suite using the Proxy.
Let's forward the request to the Repeater so that we can modify it.
Once in the Repeater, set the filename parameter to the following and forward the request:
    ../../../etc/passwd
The server tells us that there is no such file. This is because the path in our URI is relative and is being stripped.
We can bypass this by using an absolute path as follows:
    /etc/passwd
We have successfully solved the lab.
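The behaviour seen in this lab, sketched as an added example that is not part of the original write-up or the lab's own server code: a filter that only strips traversal sequences, next to a check that canonicalises the path and confirms it stays under the image directory. The directory `/var/www/images` and the function names are assumptions made for illustration.

```python
import os

# Assumed base directory; the lab does not disclose its server-side code.
IMAGE_DIR = "/var/www/images"


def resolve_weak(filename):
    """Strip '../' and join with the base directory (hypothetical weak filter)."""
    cleaned = filename.replace("../", "")
    # os.path.join discards IMAGE_DIR entirely when 'cleaned' is absolute,
    # so stripping traversal sequences does nothing for '/etc/passwd'.
    return os.path.join(IMAGE_DIR, cleaned)


def resolve_safe(filename):
    """Canonicalise first, then require the result to stay under IMAGE_DIR."""
    base = os.path.realpath(IMAGE_DIR)
    candidate = os.path.realpath(os.path.join(base, filename))
    # commonpath compares whole path components, so '/var/www/images_old'
    # is not mistaken for a child of '/var/www/images'.
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("path escapes image directory: %r" % filename)
    return candidate


def check(filename):
    """Return (weak_result, safe_result) for one requested filename."""
    weak = resolve_weak(filename)
    try:
        safe = resolve_safe(filename)
    except ValueError:
        safe = "REJECTED"
    return weak, safe


if __name__ == "__main__":
    # The two values from this page plus one legitimate name (constructed).
    for name in ("1.jpg", "../../../etc/passwd", "/etc/passwd"):
        weak, safe = check(name)
        print("%-24r weak -> %-28s safe -> %s" % (name, weak, safe))
```

The safe version never inspects the input for particular substrings; it decides only on where the resolved path ends up, which is why both the relative and the absolute form are rejected.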