Local File Inclusion For Beginners | LFI | TryHackMe | Part 1

preview_player
Показать описание
In this video we will cover Local File Inclusion (LFI) using a beginners tryhackme room. We will view contents of /etc/passwd, find a ssh key and gain user access to the system then escalate our privilege with GTFObins.

Enjoy and hopefully you can add LFI to your bug bounty methodology !

___________________________________________________________________________

If you enjoyed this video smash the like button, leave a comment and sub to the channel. Let me know what you like or any ideas you may want to see on my channel :)

___________________________________________________________________________
Make sure to subscribe for more hacking tutorials!
___________________________________________________________________________

Connect with me:
  1. Dylan Schleinkofer
  2. LFI
  3. Local File Inclusion
  4. Bug Bounty
  5. Bug Hunting
  6. web application
Рекомендации по теме
TryHackMe! [Web Vulnerabilities] 0:10:52

TryHackMe! [Web Vulnerabilities] Local File Inclusion

Local File Inclusion 0:02:03

Local File Inclusion Explained

Remote File Inclusion 0:09:54

Remote File Inclusion Explained and Demonstrated!

BUG BOUNTY: UNDERSTANDING 0:17:18

BUG BOUNTY: UNDERSTANDING LOCAL FILE INCLUSION(LFI) #1 | DEMONSTRATION | 2023

Penetration Testing - 0:05:17

Penetration Testing - Local File Inclusion (LFI)

Google CTF: Beginner 0:09:18

Google CTF: Beginner Quest: ADMIN UI (Local File Inclusion)

Local File Inclusion 0:10:10

Local File Inclusion For Beginners | LFI | TryHackMe | Part 1

Local File Inclusion 0:01:19

Local File Inclusion

Web Hacker Basics 0:09:52

Web Hacker Basics 04 (Local and Remote File Inclusion)

Local File Inclusion 0:05:52

Local File Inclusion (PicoCTF 2022 #33 'forbidden-paths')

TryHackMe! File Inclusion 0:40:00

TryHackMe! File Inclusion - Beginner Friendly Walkthrough

Local File Inclusion 0:01:43

Local File Inclusion

$6000 Local File 0:00:54

$6000 Local File Inclusion | Sensitive Data Exposure | Bug Bounty POC 2021

Reading Secret Files 0:13:13

Reading Secret Files with Local File Inclusion! (Web App Hacking)

Hacking AWS: From 0:17:04

Hacking AWS: From Local File Inclusion (LFI) to Secrets Manager!

Local File Inclusion 0:00:54

Local File Inclusion Vulnerability

Ethical hacking || 0:07:48

Ethical hacking || 50.Local File Inclusion Attack on a Web Ap

(File Inclusion TryHackMe) 0:19:21

(File Inclusion TryHackMe) Local File Inclusion [LFI] Vulnerability FileInclusionVM walkthrough THM

File Inclusion - 0:44:02

File Inclusion - TryHackMe Junior Penetration Tester 3.6

How to Detect 0:03:17

How to Detect and Mitigate Local File Inclusion Vulnerability?

DVWA - Local 0:05:56

DVWA - Local File Inclusion

Local File Inclusion 0:21:24

Local File Inclusion TryHackMe

OWASP Multidae Tutorials 0:04:40

OWASP Multidae Tutorials - Local File Inclusion (LFI) with Directory Traversal Injection Tutorial

From Local File 0:20:37

From Local File Inclusion to Remote Shell | OSCP Video Course Prep

Комментарии
Автор

lol what the hell. the id_rsa I made said wrong format as well, but it gave me a password prompt??? I just found the user flag and the root flag through the URL parameter stuff, because I saw you could read the etc/shadow file I figured you have root privileges already.

SPOILER URL PARAMETERS:
root flag is at: page=../../root/root.txt
user flag is at:

anotheruniquehandle
Автор

please how were you able to write the "!" I am finding it hard to write that

ajetunmobiadam