Hello, I am pretty new here as well and was wondering why is the my.exe considered as a second exploit? (I’ll go through the Guided excersice one more time) - what I also did was just create a new directory with the said exe file did I eventually ‘cheat’ my way through to get the flag?
So it’s not a “new exploit” as much as it’s an alternate exploit path. Every time there is an unquoted space it creates a new possibility for exploit.
For example:
C:\some directory\another directory\yet another directory\program.exe
Would offer three alternate attack vectors for exploit:
C:\some.exe
C:\some directory\another.exe
C:\some directory\another directory\yet.exe
1 Like