Saturday, October 25, 2014 Login · Register
    Login
Username

Password


Remember Me

Not a member yet?
Click here to register.

Forgotten your password?
Request a new one here.

 

    Users Online
  • · Members on IRC: 29   
  • · Total Members: 16,745
  • · Newest Member: 17mss
  •  

     

        Related Ads
     

     

     

        Top 10 Forum Posters
    UserPosts
    bluechill1411   
    madf0x1291   
    cruizrisner1062   
    Qwexotic1034   
    Null Set870   
    Override604   
    auditorsec603   
    godofcereal599   
    TurboBorland585   
    Teddy477   
     

        Affiliates




  • iExploit


  • iExploit


  • WeChall





  • Thisislegal.com

  •  

        Related Ads
     

    View Thread
         
    Security Override Hacking Challenges Reconnaissance Hacking Challenges
    Full path disclosure
    Register FAQ Members List Today's Posts Search

    Print Thread
    01-20-2010 03:06 AM Full path disclosure | Edited by Null Set 10-02-2011 07:49 PM
    Hi all,
    I'm a new member. I'm vietnamese. I like security system.
    I need your help about "Full Path disclosure".
    I want know result of level 4, Reconnaissance. And why do you have this result ?
    My answer: <--removed - Null Set--> but incorrect.
    SmileSmileSmile
     
    Offline
    01-20-2010 03:26 AM RE: Full path disclosure
    that is not the right path. try it againSmile
     
    Offline
    01-20-2010 04:56 AM RE: Full path disclosure
    Thanks, i mistake.
     
    Offline
    01-20-2010 08:15 AM RE: Full path disclosure | Edited by Division 01-20-2010 08:18 AM
    Quote from Recon Level 4

    Full Path Disclosure

    Please enter the full path to this very directory.


    You're almost there, and you're doing it right, just need to go a little further.
     
    Offline
    01-20-2010 09:38 AM RE: Full path disclosure
    You are almost there but u are forgetting part of the path. Good Luck
     
    Offline
    01-20-2010 12:37 PM RE: Full path disclosure
    Do some research on "full path disclosure exploits" or something like that.
     
    Offline
    03-09-2010 06:59 PM RE: Full path disclosure | Edited by Null Set 10-02-2011 07:50 PM
    I have it erroring to show <--removed - Null Set--> but this is not correct?
    "The higher you climb the more you can see"
     
    Offline
    03-09-2010 07:05 PM RE: Full path disclosure
    chronic12 wrote:
    I have it erroring to show /opt/lampp/htdocs/SecurityOverride/maincore.php but this is not correct?


    your very close but it is a directory not a file
     
    Offline
    03-09-2010 07:10 PM RE: Full path disclosure
    For once maybe we have to think inside the box [] Smile

    --LiquidFusi0n
    Moderating the Modders.
    Thomas Anderson aint got shit on me Smile
    securityoverride.com/images/userbar.png
     
    Offline
    03-10-2010 03:36 AM RE: Full path disclosure
    A hint.
    The page have a GET. Why?
    How can we trigger an error from the GET function? Something unexpected perhaps. Check the basic rules of arrays.
     
    Offline
    03-10-2010 09:25 AM RE: Full path disclosure | Edited by Teddy 03-10-2010 09:25 AM
    This link should help everyone who has problems with that challenge.
    http://www.owasp.org/index.php/Full_Path_Disclosure
    Join our IRC channal! irc.evilzone.org #Evilzone #SecurityOverride

    This dude doesn't answer to PM..no matter how special you think you are...sry

    "With great power comes great responsibility"
     
    Offline
    03-11-2010 06:11 AM RE: Full path disclosure
    That link was very useful Teddy thanks I had manipulated cookies to show an error but the result was different however the suggestions on this site worked much better thanksGrin
    "The higher you climb the more you can see"
     
    Offline
    03-11-2010 07:06 AM RE: Full path disclosure
    lol liquid helped me the most xD for future ref you really should think inside the box []
     
    Offline
    03-11-2010 11:44 AM RE: Full path disclosure
    Yeah your right that was a good help as well!Grin
    "The higher you climb the more you can see"
     
    Offline
    05-07-2010 01:03 PM RE: Full path disclosure | Edited by CrashOverron 05-07-2010 01:46 PM
    the box.. so simple..

    so any way, question is, can you protect yourself from the box by turning off error reporting? or is that just for the SQL injection?

    yes turning off error reporting will protect from FPD errors
     
    Offline
    06-14-2010 10:29 AM RE: Full path disclosure
    LiquidFusi0n wrote:
    For once maybe we have to think inside the box [] Smile

    --LiquidFusi0n

    took me long enough. (thanx teddy for pointing me to infinityexists) nice comment tho Smile
     
    Offline
    04-27-2011 08:14 AM RE: Full path disclosure
    thanks for the good points Smile
    could not have done if you were not written.
     
    Offline
    10-02-2011 03:47 PM RE: Full path disclosure
    This is not working well for me, I got stuck, already got the error easily, then I came her trying to know what should I dig to get this passed.

    Thanks
     
    Offline
    04-27-2013 07:38 PM RE: Full path disclosure
    1st....check out OWASP: https://www.owasp.org/index.php/Full_Path_DisclosureDisclosure
    2nd ..... get your firefox scratchpad out and start CODING!!!

    keep in mind, changing the cookie via firebug or tamper data wont work...the cookie gets regenerated everytime..I got blue in the face at first...now I am off to bed!!! Cool Pfft Wink
     
    Offline
    06-28-2013 01:56 PM RE: Full path disclosure
    <a href="http://securityoverride.org/forum/viewthread.php?thread_id=52&rowstart=0">Full path disclosure</a>
     
    Offline
    Jump to Forum:
    Forum powered by fusionBoard