Requirements:

  1. The URL should have a parameter that loads a page. For example, here the parameter ?pages is loading a file called include.php.

  2. If you remove the parameter and try to load the file directly, an error of this type should appear. From it you can tell how many directories lie between the current page and the root. For example, here there are 5 directories.

You should know the basics of Linux to go further: Basics of Linux

Exploit:

To get access to the /etc/passwd file, you need to go back to the root directory by using ../ (in this case we went 5 directories back).

Some other sensitive files to access include:

  • /proc/self/environ
  • /var/log/auth.log
  • /var/log/apache2/access.log
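
From the defender's side, requests for these files through the include parameter show up in the web server's access log. The following is an added example, not part of the original post: it scans Apache combined-format log lines for directory traversal in that parameter, including percent-encoded variants. The parameter name pages and the file list come from the post; the /index.php path, IP addresses and log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Files the post names as LFI targets.
SENSITIVE = ("/etc/passwd", "/proc/self/environ",
             "/var/log/auth.log", "/var/log/apache2/access.log")
# Apache combined log: ip - - [time] "METHOD target PROTO" status size ...
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

# Constructed sample lines (documentation IP ranges, hypothetical /index.php).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.php?pages=include.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2023:13:56:01 +0000] "GET /index.php?pages=../../../../../etc/passwd HTTP/1.1" 200 1873 "-" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Oct/2023:13:57:12 +0000] "GET /index.php?pages=%252e%252e%252f%252e%252e%252fproc/self/environ HTTP/1.1" 404 312 "-" "curl/8.0"',
]

def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding such as %252e%252e%252f."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def inspect_line(line, param="pages"):
    """Return a finding dict if the include parameter looks like traversal."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, _method, target, status = m.groups()
    for name, raw in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name != param:
            continue
        value = fully_decode(raw).replace("\\", "/")
        depth = value.count("../")            # how many directories up
        hit = next((p for p in SENSITIVE if p in value), None)
        if depth or hit or value.startswith("/"):
            # status 200 means the server answered with content: triage first
            return {"ip": ip, "depth": depth, "file": hit,
                    "served": status == "200", "value": value}
    return None

def scan(lines, param="pages"):
    """Collect findings for every suspicious line."""
    return [f for f in (inspect_line(l, param) for l in lines) if f]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A finding with served set to True deserves priority, and the durable fix is on the application side: map the parameter to a fixed allow-list of page names instead of passing it to include.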

Gaining reverse shell access through netcat:

The /proc/self/environ file holds information about the environment (e.g. the browser). We can use this to run netcat commands through the Burp Suite proxy.

TO BE CONTINUED…