Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: LFI with limitation

From: Danux <danuxx () gmail com>
Date: Fri, 21 May 2010 17:32:04 -0500
How do you know it is vulnerable then?

Try %2500
%%0000
so on...

On Fri, May 21, 2010 at 5:00 AM, Jacky Jack <jacksonsmth698 () gmail com> wrote:

Hi

A URL is vulnerable to LFI but it's removing/stripping null character.


So, are there any ways to bypass it?

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------






-- 
Daniel Regalado aka Danux

From NeZa to the World!!


www.macula-group.com

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: