There is a file upload vulnerability so that the webshell can be obtained #6

Open
R0both opened this issue Jun 8, 2020 · 0 comments

R0both commented Jun 8, 2020

Let's take a look at the code.
[image]
The system does not strictly filter and restrict the pictures uploaded by users, resulting in a file upload vulnerability. From the code, it can be seen that only the size of the picture, the Content-Type and so on are verified during the upload, so one only needs to modify the Content-Type to bypass the upload restriction.
After the administrator has logged in, open the following page.
[image]
Upload php.php and grab the packet to modify the Content-Type to "image/jpg".
[image]
Then we can see that php.php was successfully uploaded.
Then we access the uploaded file.
[image]
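
The check described in this issue trusts the Content-Type sent with the request. As an added example (not code from this project or from the reporter), the sketch below puts that weak pattern beside a hardened handler that classifies the file's bytes and assigns its own name and extension. All function and constant names, the size limit and the allowlists are assumptions.

```php
<?php
// Added example; function and constant names are hypothetical, not the project's.
const MAX_BYTES = 2 * 1024 * 1024;
// Assumed allowlist for the weak check (the project's real list is not shown on the page).
const CLIENT_TYPES = ['image/jpg', 'image/jpeg', 'image/png', 'image/gif'];
// Detected content type => extension the server will assign.
const SAFE_TYPES = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

// Weak pattern from the issue: size plus the Content-Type sent in the request.
function weak_check(array $file): bool
{
    return $file['size'] <= MAX_BYTES && in_array($file['type'], CLIENT_TYPES, true);
}

// Hardened: ignore the client-supplied type and name; classify the bytes on disk.
function safe_extension(string $path): ?string
{
    if (!is_file($path) || filesize($path) > MAX_BYTES) {
        return null;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($path);
    if (!isset(SAFE_TYPES[$mime]) || @getimagesize($path) === false) {
        return null;
    }
    return SAFE_TYPES[$mime];
}

// Store under a random name with the server-chosen extension, so a request can
// never produce a .php file; $destDir should not be configured to execute scripts.
function store_upload(array $file, string $destDir): ?string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $ext = safe_extension($file['tmp_name']);
    if ($ext === null) {
        return null;
    }
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], $destDir . '/' . $name) ? $name : null;
}

// Constructed sample: script content submitted with a forged image Content-Type.
$tmp = tempnam(sys_get_temp_dir(), 'up');
file_put_contents($tmp, "<?php echo 'constructed sample'; ?>");
$forged = ['name' => 'php.php', 'type' => 'image/jpg', 'size' => filesize($tmp)];
var_dump(weak_check($forged));   // the weak check looks only at request metadata
var_dump(safe_extension($tmp));  // the content check classifies the file itself
unlink($tmp);
```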
