LFI to RCE with User-Agent: Python Web Hacking | Natas: OverTheWire (Level 25)



11 thoughts on “LFI to RCE with User-Agent: Python Web Hacking | Natas: OverTheWire (Level 25)”
  1. Hey uhm, this video was totally cool, I was wondering something though. Your solution is obviously beautiful, but I did a hacking challenge like this once too, where the file name had an underscore. I simply replaced the underscore with its html encoded variant (% something) and it worked. Would that have worked in this challenge or are the secure functions used here filtering that?

  2. Hey John, one thing that strikes me about your videos (which I really really like!) is the wild mouse movements (and often misclicks). This is especially visible when you try to switch the panes in Sublime Text. You often have to drag in two phases and/or miss the pane and have to move back to drag the pane again. Our eyes follow your mouse, so that's not easy to watch. And I think this is due to the fact you're using the touchpad, right? Can you maybe use an external mouse? That would make it easier and relaxed to watch (and concentrate on what you're saying instead). 🙂

  3. Instead of using ..././ to get around the str.replace(), couldn't you just use absolute paths like /var/www/…? There's no ../ for the str.replace to remove.

  4. Hey John! I just found you on YouTube because of LiveOverflow and I wanted to thank you for showing me the overthewire website. I'm having a lot of fun doing the bandit beginner wargames and learning a lot now! I love your Google CTF videos as well! ^_^

  5. Until now, I thought that my website (that simply looks for a markdown file specified as a parameter) is quite safe, because when the file is not found, everything is redirected to 404. I don't think that anymore. I guess it's time for me to dive into PHP & Python and get around it. Thanks a lot for the series.
