Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
- A file was being read directly from the OS, looking something like /file.jpeg.
- Instead of putting just the file name, the researcher added "../../../../etc/passwd", which leaked all of the login information of the system.
- To turn this into an RCE, the file traversal could also be paired with a write function, instead of a read function. By being able to write anywhere on the system, an RCE had been created!
