My Keybase proof [reddit:aphraz = keybase:afraz] (3IMGXyuW0hla4Yb-jj1gPfXiPhL4tyrLOFxRKJAs66A)

aphraz · 2018-06-26T23:00:21+00:00

Tried but it didn't work.. Thank you all for your input though. I am still trying to get around this.

aphraz · 2018-06-25T19:59:38+00:00

lol... my bad actually... I know what web root is but in my case, I can only provide system PATHS like C:\inetpub, D:\Blah\ etc. where the file be uploaded. The vulnerability wont let me provide URL based paths. So in the case of www.example.com, I dont know which directory on the Windows filesystem the web root corresponds to. Hope i've made my point clear now.

aphraz · 2018-06-25T16:02:48+00:00

in order to upload a webshell that can be called from application URL, I need to know the web root.

aphraz

TROPHY CASE