How it works...
In this recipe, we identified a way to bypass restrictions on a file upload page in order to upload malicious code to the server. However, due to such restrictions, the uploaded files are not directly executable by the attacker, as they must be uploaded as images and they will be treated by the browser and server as such.
We used a Local File Inclusion vulnerability to execute some of the uploaded files. This works as a bypass on the file types restriction, but doesn't allow for a more complex functionality, such as webshell. First, we executed commands to get to know the internal server setup and discover the directories where it had the executable code stored.
Once we knew about the internal filesystem, we uploaded our ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access