There is a file upload vulnerability so that the webshell can be obtained #6

Open
@R0both

Let's take a look at the code.
[image]
The system does not strictly filter and restrict the pictures uploaded by users, resulting in a file upload vulnerability. From the code, it can be seen that only the size of the picture, the Content-Type and so on are verified during the upload, so one only needs to modify the Content-Type to bypass the upload check.
After the administrator has logged in, open the following page.
[image]
Upload php.php and grab the packet to modify the Content-Type to "image/jpg".
[image]
Then we can see that php.php was successfully uploaded.
Then we access the uploaded file.
[image]
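
A server-side check that would reject the request described in this issue, as an added example that is not part of the original report or the project's own code. The function name, the allowlist, the size limit and the sample inputs are assumptions made for illustration; the type is sniffed from the file's bytes and the stored name is generated by the server.

```php
<?php
// Added example: upload validation that ignores the client-supplied
// Content-Type and file name. All names here are hypothetical.

const ALLOWED = [            // detected MIME type => extension the server assigns
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];
const MAX_BYTES = 2 * 1024 * 1024;   // assumed size limit

/**
 * Returns a server-generated file name, or null if the upload is rejected.
 * $clientName and $clientType come from the request and are deliberately
 * not used in the decision.
 */
function safe_upload_name(string $tmpPath, string $clientName, string $clientType): ?string
{
    if (!is_file($tmpPath) || filesize($tmpPath) > MAX_BYTES) {
        return null;
    }
    // Sniff the type from the file's bytes, not from the request header.
    $detected = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    $ext = is_string($detected) ? (ALLOWED[$detected] ?? null) : null;
    if ($ext === null) {
        return null;
    }
    // Random name plus an extension taken from the allowlist, so a client
    // name such as "php.php" never reaches the file system.
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample inputs: a PHP script sent as "image/jpg", and a small GIF.
$samples = [
    ['php.php',  'image/jpg', "<?php echo 'constructed sample'; ?>"],
    ['logo.gif', 'image/gif', "GIF89a\x01\x00\x01\x00\x00\x00\x00;"],
];
foreach ($samples as [$name, $type, $bytes]) {
    $tmp = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($tmp, $bytes);
    $result = safe_upload_name($tmp, $name, $type);
    printf("%-8s claimed %-9s => %s\n", $name, $type, $result ?? 'rejected');
    unlink($tmp);
}
```

In a real handler the temporary path would come from `$_FILES` and be checked with `is_uploaded_file()` before `move_uploaded_file()`. Because an image can still carry embedded script text, the upload directory should also be configured so the web server never executes files stored in it.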
