search
HomeGitHubPortfolio Twitter/X Medium Cont@ct

vialSource code disclosure via backup files

https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-via-backup-files

hashtag
Description

This lab leaks its source code via backup files in a hidden directory. To solve the lab, identify and submit the database password, which is hard-coded in the leaked source code.

hashtag
Solution

Checking source code page (CTRL+U) and discovering others pages there're not of interesting, so the idea is to try to guess a potential backup page (eg. git, backup).

In this case i was lucky, because the correct directory path was backup: https://0a5400e703e5812285d9c2ef009700ba.web-security-academy.net/backuparrow-up-right

with the relative file .bak called: ProductTemplate.java.bak that contain a java package with relative DB information and the password/answer that we need to solve the lab.

https://0a5400e703e5812285d9c2ef009700ba.web-security-academy.net/backup/ProductTemplate.java.bakarrow-up-right
PreviousInformation disclosure on debug pageNextAuthentication bypass via information disclosure

Last updated