A short tell of LFI from PDF link → Professor the Hunter
Who am I?
Security Researcher at HackerOne. In 2022, I was in 60th place worldwide as per HackerOne leaderboard. Check out the result from this link. You may follow me on Twitter to get some tips on Bug Bounty. My Twitter Handle: https://twitter.com/bughuntar
Summary:
Today, I found a Local File Inclusion ‘LFI’ Vulnerability in “Redacted’s Edge Network”. As it is known, the impacts of exploiting a Local File Inclusion (LFI) vulnerability vary from information disclosure to complete compromise of the system. Even in cases where the included code is not executed, it can still give an attacker enough valuable information to be able to compromise the system, as is the case of the security vulnerability we are reporting.
How did I get the LFI vulnerability?
During security testing on https://erecruitment.redacted.com I got a PDF file link.
https://erecruitment.redacted.com/onlineapp/rocketpreepay.pdf .
Then I tried to find LFI bug on that link but it was redirecting every time I entered the wrong link. I thought there is no LFI bug. But when I entered the right link, I am surprised it worked.
LFI exploit:
https://erecruitment.redacted.com/onlineapp/rocketpreepay.pdf../../../../../../../etc/passwd
Conclusion:
As I got it today I don’t know how many bounties I will get if it be accepted. Yet I am reciting ALHAMDULILLAH as I am successful to exploit. Feel free to reach out to me on Twitter or another platform: always my username is “@bughuntar”.