I’ve been going through modules on HackTheBox, and have hit a road block. Specifically I am working on the last File Inclusion problem (Skills Assessment – File Inclusion/Directory Traversal) and I cant seem to find a way to attack the system.
The difficulty I’m facing is that Im not sure how to see the result of a potential successful hack. I might be able to send a command to the machine, but Im not finding a way to have the server send me back a different file with the results for eg.
To clarify, I dont think the server I’m attacking is including files in its response, so Im not sure how to see the results of a potential successful or even failed command.
In the longer term though, as I go through the modules, I would really enjoy if there was someone I could chat to to get different perspectives on a problem.
Might anyone be able to help or direct me to where I can?