Home Forums Finding the website root directory on a Windows IIS web server using LFI exploit

This topic contains 0 replies, has 1 voice, and was last updated by  _chun_chun_maru 1 month, 4 weeks ago.

  • Author
    Posts
  • #414904

    I am currently doing a CTF and everything here is part of it.

    I have found an LFI vulnerability in a website that allows me to download files on both the C drive and D drive. The D drive contains content relevant to the website however no jsp (the site uses jsp) scripts that I can download which could contain useful information.

    I found a way to read the D drive using the exploit and have gathered several config files. I attempted to access what I believed to be the website root directory at C:/inetpub/wwwroot and it contains an iisstart.htm file however there is nothing related to the actual site.

    Is there a config, log or any kind of file on the system which may give me more information as to where the website root is? Maybe I’m missing a config file or it could be located in a log? I have even downloaded and checked files such as lnk files to see if it contains useful paths.

You must be logged in to reply to this topic.