Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.
Realistic 17
So.. I'm pretty sure by now that in this mission, after you put the filename in challenges/real17/?file= that they add, or delete something. This is because when you put links.html, it's the same as quotes.html.
And if you go to /real17/s. or /real17/es. you can see the text
echo "
at the top of the page, and in the source. When you look at the links in the source, they are done as if they were made to be implemented in PHP.
- — 2. Exploit — <?php $file=""; # FILENAME error_log("<? echo \"cx\"; ?>", 3, "php://../../".$file); ?>
thats what i keep coming up with when i google php streams and wrappers. i like to think i am ok when it comes to patching but i have no idea how this is exploitable here.
heres where i got it