
Dirbusting/fuzzing
`?template=index.php`

Test the php code locally to figure out how to bypass the sanitization. turns out, it can be beaten by nesting
`secretadsecadmin.phpretadmadmin.phpin.phpmin.php`
this works because the code first removes all instances of `admin.php` so the above becomes
`secretadsecretadmin.phpmin.php`
And then, it removes all instances of `secretadmin.php` so the above becomes
`secretadmin.php`

---
Back to [[_WebSite Publish/CTF/CTF Index|CTF Index]]
Tags: #ctf #php #filter_evasion #web
Related: