I am working on CTF challenge and there is a link with the challenge, that looks like that : 46.XXX.XX.XX:8008/
If I open the Developer Tools in that page, I can find an applet, with the attribute code with value of "mPage.class"
<applet width="700" height="230" codebase="out" code="mPage.class">
<param name="_cx" value="13229">
<param name="_cy" value="6085">
</applet>
Usually I would change the url and add mPage.class at the end
For example, if the URL was :
https://website.com/file.shtml
I would type in the url bar:
https://website.com/mPage.class
And I could download the mPage.class file
But since the url doesn't finish with "file.html" or something likes that.
I can't do 46.XXX.XX.XX:8008/mPage.class
When I try to go to http://46.XXX.XX.XX:8008/mPage.class, my browser tell me that the Web page was not found.
I don't know if I can actually download the class file.
Because to get it, I should do something like :
http://46.XXX.XX.XX:8008/../mPage.class
But it obviously doesn't work. Since I can use the applet in the page, I should Theorically download it.
If you find some mistakes, (like spelling one), don't hesitate to warn me, sorry English is not my native language. And thank you for reading.
<applet width="700" height="230" codebase="out" code="mPage.class">
<param name="_cx" value="13229">
<param name="_cy" value="6085">
</applet>
The important part of finding the class files is to account for the codebase specified in the applet element, which effectively means that we need to look in the out directory (added to the path of the document) in order to find where the class files actually exist.
So this:
http://46.xxx.xx.xx:8008/mPage.class
Needs to be this:
http://46.xxx.xx.xx:8008/out/mPage.class