Exploiting a File Upload Vulnerability - MetaCTF
HTML-код
- Опубликовано: 14 сен 2022
- Follow me - beacons.page/shenetworks
This challenge was apart of a Black Hills Information Security miniCTF
Cyber Range - www.antisyphontraining.com/cy...
BHIS Twitter - / bhinfosecurity
Backdoor - gist.github.com/sente/4dbb2b7... Наука
I really enjoyed this. The break down was top-notch and easy to follow. Thanks.
So awesome to learn by watching you do this Ctf.
Love the video! Thanks for sharing your knowledge.
Excellent content! Keep it up.
kool enjoyed, look forward to some more
The last time I heard what sounded like 'rubber keys' was on my Sinclair 48K back in the 1980's, lol. If you've bought a keyboard with rubber keys, junk it. Lifes too short. Anyway, great video as always. And thanks for the FREE education, it's very much appreciated. Can't wait till next vid. 😚
Thank you for your hard work 😄
Awesome!
Thank you !! :)
Good stuff
how to learn find vulnerability ?
what if there is permission, that outputting "Acess denied" in page?
holy videos LETS GOOOOOOOOOOOOOO!
Hey I just tried in a local php server to see if it works. Unfortunately it doesn't. I saw this method last day tried adding in multiple paths in an image. Still doesn't. This won't work in a Apache server or a php?
When I tried this on my local machine with apache web server, my server is not returning the image data as shown in your video instead of that my server is rendering the image. I dont understand that how in your browser the image is not rendering and server is giving the image data as text.
well, this exploit is IMPOSSIBLE... I have no idea how that server parsed a PNG as PHP, that might be part of the CTF but in real world, its impossible
Hey dude do you have any idea if the server converts the image to base64 and then appends it in src of img tag instead of relying on image path, then is there any way to go further?
👍👍
currently very similar challenge in picoCTF
Omg. Your the most beautiful hacker I have ever seen. As a fellow pentester I see many people on a daily basis but you are incredible.
simp
Lmfaoo you can’t be serious Lmfaoo not the place to shoot your shot
lol woman
Assalam aleykum every man an and women must cover their bodies according to islam
She's not muslim
Friend I like learning Cybersecurity..... Please help me friend...?
contains a virus so the upload was canceled: YARA.php_in_image.UNOFFICIAL FOUND pls help
U can exploit Hadjis file anyday