Let's access the image through the browser.
We can now intercept this request in Burp Suite using the Proxy.
Now, we can forward the request to the Repeater to make changes to it.
Let's change the filename parameter to the following and forward the request:
../../../etc/passwd
The server expects a .png file extension. We can insert a %00 (a URL-encoded null byte) before the extension: the value still ends in .png, but the string gets terminated at the null byte, before the extension.
../../../etc/passwd%00.png
We have successfully solved the lab.
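Why the %00 value passes the extension check, and a stricter check that rejects it, as an added example (not code from the lab or from this write-up). It assumes a backend that validates the decoded, counted bytes but opens the file through a NUL-terminated C API; `weak_accepts`, `strict_accepts` and the bare-file-name policy are hypothetical.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Percent-decode src into dst; returns decoded length, which may span an embedded NUL (%00). */
size_t url_decode(const char *src, char *dst) {
    size_t n = 0;
    for (; *src; src++) {
        if (src[0] == '%' && isxdigit((unsigned char)src[1]) && isxdigit((unsigned char)src[2])) {
            char hex[3] = { src[1], src[2], '\0' };
            dst[n++] = (char)strtol(hex, NULL, 16);
            src += 2;
        } else {
            dst[n++] = *src;
        }
    }
    dst[n] = '\0';
    return n;
}

/* Suffix test over the full counted buffer (len bytes, NULs included). */
static bool ends_with_png(const char *buf, size_t len) {
    return len >= 4 && memcmp(buf + len - 4, ".png", 4) == 0;
}

/* Weak: checks the counted bytes, but fopen() and similar stop at the first NUL. */
bool weak_accepts(const char *buf, size_t len) { return ends_with_png(buf, len); }

/* Stricter check (assumed policy: bare file names only): the bytes validated
   must be the bytes the OS sees, with no separators and no ".." sequence. */
bool strict_accepts(const char *buf, size_t len) {
    if (memchr(buf, '\0', len)) return false;             /* embedded NUL */
    if (memchr(buf, '/', len) || memchr(buf, '\\', len)) return false;
    if (strstr(buf, "..")) return false;                  /* safe: no NUL inside len */
    return ends_with_png(buf, len);
}

int main(void) {
    /* Constructed sample inputs: a normal name plus the two values from the write-up. */
    const char *samples[] = { "image.png", "../../../etc/passwd", "../../../etc/passwd%00.png" };
    for (size_t i = 0; i < 3; i++) {
        char d[64];
        size_t n = url_decode(samples[i], d);
        printf("%-28s decoded=%zu c_string=%zu weak=%d strict=%d\n",
               samples[i], n, strlen(d), weak_accepts(d, n), strict_accepts(d, n));
    }
    return 0;
}
```

The gap between the `decoded` and `c_string` lengths is the mismatch the check has to catch: the validated value and the path actually opened are different strings.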