Web - Server

I have all the data needed to run an exploit script, except for the full path to a certain file. I know the version of python running, but the d****p******* dir isn’t there.

I’ve tested running my own flask app and have run the code to get that path. The path output is a tiny bit different but doesn’t make a difference in my search. I have read env vars too but there wasn’t anything too interesting there.

Do I need to guess/brute-force the path to the file, or am I missing something to easily find it ? Thanks.

Hi !

You are on the right way. And it is possible to find the path out without brute force, the path is kind of specific for the task’s environment (just have spent for the very same problem couple of hours)

Good luck

Hello,

Same problem, I can’t find the path to this file, i have the version of python and the s*** p******* directory but nothing in it,

Do i’m on the good way or totally out ?

EDIT : found, not the good one...

Thx

I don’t know how you all found it. I’m completely dumbfounded right now. I see that there’s the s****p******* directory but inside of it isn’t a f**** directory. I can’t tell you how frustrated I am with this challenge right now.

my problem is finding the file name containing the flag 😄 , the full path is not problem for me

any hint for get locate path from app.py, i very confused for it

Hello.
I found /usr/local/lib/python3.11/site-packages/ but i cant find werkzeug/flask/__init__.py file..
It must contain data for the console access script to work. Am I doing something wrong ?