I am getting confused on some of the wording here. I was working on this machine with I guess the unintended vector as I was able to get a file bypass and get the “PDF” to get dropped on the system. Now I know that you can’t get a non-pdf file to open anymore with the 404 error I am not sure where to go from here. I do know that the files that are actually marked with a PDF extension open just fine. Maybe that is the vector but I am really not sure. Can you maybe reword your first few steps. Thanks
Hi, I need help with foothole. I’m unable to upload my file on the server.
I’ve made a zip file with a php file in it with the extention phpD.pdf like in the https://book.hacktricks.xyz/ but my file never gets there and I have no error message. Without the double extention, the file upload without problem
Could someone give me some hints for zipping ?
I found zip vuln to see /etc/passwd or upload.php and so on but I get stuck to get RCE.
I tried to bypass pdf extention but failed to. I found changelog said “Added additional checks to the PHP application to prevent an unintended RCE via PHP webshell upload with null-byte injection.” so I think that I have to read some php file in detail…
I am having trouble getting the initial foothold, I seem to go down a rabbit hole for the old method, but unsure how to move forward with the new patch. I am assuming it’s probably something staring me in the face… Any help is appreciated.