Lab 12: Web shell upload via Content-Type restriction bypass
This lab contains a vulnerable image upload function. It attempts to prevent users from uploading unexpected file types, but relies on checking user-controllable input to verify this.
I started by opening the page and looking around.
The next step is to log in to see if I can upload a file.
As I am uploading the file, I can see that it is expecting multipart/form-data but I am uploading application/x-php, so my idea is to change this to match the MIME type that the server is expecting, because if I don't do this then it won't allow me to upload.
It says that it only accepts image/png.
I will use this path to get the content of the file.
Here I go to this path and then submit the flag.
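The weak check this lab relies on, next to a stricter server-side check, as an added example that is not part of the original write-up or the lab's own code. `UploadPart`, `weak_accepts` and `strict_store_name` are hypothetical names, the sample uploads are constructed, and Python stands in for whatever language the server runs.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"       # first 8 bytes of every PNG file
IHDR_PREFIX = b"\x00\x00\x00\rIHDR"        # first chunk: length 13, type IHDR


@dataclass
class UploadPart:
    """One file part of a multipart/form-data request (hypothetical model)."""
    filename: str       # client-supplied
    content_type: str   # client-supplied Content-Type of the part
    body: bytes


def weak_accepts(part: UploadPart) -> bool:
    # Mirrors the flaw described above: only the declared MIME type is checked,
    # and that value is fully controlled by whoever sends the request.
    return part.content_type == "image/png"


def strict_store_name(part: UploadPart) -> Optional[str]:
    """Return a server-chosen storage name, or None if the upload is rejected."""
    if part.content_type != "image/png":
        return None
    # Inspect the bytes themselves, not the label the client attached to them.
    if not part.body.startswith(PNG_SIGNATURE):
        return None
    if part.body[8:16] != IHDR_PREFIX:
        return None
    # A signature check alone can be satisfied by a crafted file, so the
    # client's filename and extension are never reused: the server picks both.
    # The file should also be stored where the web server will not execute it.
    return secrets.token_hex(16) + ".png"


# Constructed sample inputs (not taken from the lab).
REAL_PNG = PNG_SIGNATURE + IHDR_PREFIX + bytes(17)
SPOOFED = UploadPart("avatar.php", "image/png", b"<?php echo 'constructed sample'; ?>")
GENUINE = UploadPart("avatar.png", "image/png", REAL_PNG)

if __name__ == "__main__":
    for part in (SPOOFED, GENUINE):
        print(part.filename, "weak:", weak_accepts(part),
              "strict:", strict_store_name(part))
```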