File Upload && BrupSuite

Feb 13, 2024#Web2Security #UpLoadFile #BrupSuite43

AI Translation

This post is translated from Chinese into English through AI.View Original

AI-generated summary

The difficulty level is medium. The source code restricts the upload of image.png, so the user opens brupSuite to intercept the request and uploads a webshell. They copy the code into a text file, change the extension to .php, and successfully upload it as image.png. They then access the uploaded file and open a webshell tool called 蚁剑. They enter the address and password, and can view the website structure and files.

Difficulty: medium

When I saw the source code, it restricted the upload types.

So I opened Burp Suite
and intercepted the request, then uploaded a webshell:

I copied the code into a txt file, then changed the extension to php, creating a webshell file.

Here, I intercepted

and modified the Content-Type to:
image/png
Then I allowed the request and found that the upload was successful.

Then, following the upload address, I accessed the link:
http://192.168.1.2/dvwa/hackable/uploads/111.php
I found a blank screen, indicating a successful exploit.
I opened AntSword, entered the address, and used the password: pass

Double-clicking, I can see the website structure and the files it contains.