Share
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Manage episode 485690922 series 3643227
Content provided by Amin Malekpour. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Amin Malekpour or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
One markdown link copied server files. One poisoned log triggered remote code execution. One LFI crashed the entire server.
In this episode, we unpack three real-world exploits—directory traversal and local file inclusion flaws that went far beyond file reads. From silent data leaks to full server compromise, these attacks all started with a single trusted path.
Chapters:
00:00 - INTRO
01:07 - FINDING #1 - Server File Theft with Directory Traversal
09:23 - FINDING #2 - From File Inclusion to RCE via Log Poisoning
16:20 - FINDING #3 - LFI to Server Crash
24:09 - OUTRO
Want your pentest discovery featured? Submit your creative findings through the Google Form in the episode description, and we might showcase your finding in an upcoming episode!
🌍 Follow & Connect → LinkedIn, YouTube, Twitter, Instagram
📩 Submit Your Pentest Findings → https://forms.gle/7pPwjdaWnGYpQcA6A
📧 Feedback? Email Us → [email protected]
🔗 Podcast Website → Website Link
Chapters
1. INTRO (00:00:00)
2. FINDING #1 - Server File Theft with Directory Traversal (00:01:07)
3. FINDING #2 - From File Inclusion to RCE via Log Poisoning (00:09:23)
4. FINDING #3 - LFI to Server Crash (00:16:20)
5. OUTRO (00:24:09)
14 episodes
))
