We need to upload an image smaller than 1 KB, and the page provides a link to view that image after a successful upload.

Solution: Click the "View sourcecode" link given on the main page. You will then notice the following code:

<?php

In the above, the makeRandomPathFromFilename function takes the supplied filename and its extension and stores the file in the /upload/ directory under a random name created by the genRandomString function. It then provides a hyperlink to the file that has just been uploaded.

I created a small PHP script to display the password from the file /etc/natas_webpass/natas14:

<?php

I uploaded this PHP file; while uploading, I turned on the Tamper Data add-on in Firefox to change the file extension to .php in the POST data, because the POST data sends .jpg as the default file extension.
Now you can see the password for the next level.

Natas 13 : jmLTY0qi****aKc9341c****BJv7M***

Vulnerability: http://en.wikipedia.org/wiki/Remote_File_Inclusion

Remedy: http://www.esecurityplanet.com/browser-security/how-to-prevent-remote-file-inclusion-rfi-attacks.html
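A hardened version of the upload handler described above, added here as an example (it is not the Natas level's own code). The extension written to disk never comes from the client-supplied filename field, only from an allowlist keyed on the detected content type; the form field name uploadedfile, the upload/ directory next to the script and the 1000-byte cap are assumptions.

```php
<?php
// Added example, not the Natas level's code: hardened upload handler.
// The stored extension is chosen server-side from an allowlist, so tampering
// with the hidden "filename" field in the POST data has no effect.
// Assumed: field 'uploadedfile', directory upload/, 1000-byte size cap.

function genRandomString(int $bytes = 10): string
{
    return bin2hex(random_bytes($bytes)); // CSPRNG instead of rand()
}

// Returns a safe target path, or null if the upload must be rejected.
function makeSafePath(string $dir, string $tmpPath, int $size): ?string
{
    $maxBytes = 1000;
    // Detected MIME type (from magic bytes) => extension written to disk.
    $allowed = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

    if ($size <= 0 || $size > $maxBytes) {
        return null;
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !array_key_exists($mime, $allowed)) {
        return null; // a file starting with "<?php" sniffs as text/x-php: rejected
    }
    return rtrim($dir, '/') . '/' . genRandomString() . '.' . $allowed[$mime];
}

if (isset($_FILES['uploadedfile']) && is_uploaded_file($_FILES['uploadedfile']['tmp_name'])) {
    $f      = $_FILES['uploadedfile'];
    $target = makeSafePath(__DIR__ . '/upload', $f['tmp_name'], (int) $f['size']);

    if ($target === null) {
        http_response_code(400);
        echo 'Rejected: only JPEG/PNG/GIF images up to 1000 bytes are accepted.';
    } elseif (move_uploaded_file($f['tmp_name'], $target)) {
        // Content sniffing can be fooled by a polyglot (valid image header with
        // PHP appended). The forced image extension keeps it from running, but
        // as defence in depth also disable script execution for upload/
        // (e.g. "php_admin_flag engine off" in the Apache directory config).
        $href = 'upload/' . basename($target);
        echo 'The file <a href="' . htmlspecialchars($href) . '">'
           . htmlspecialchars($href) . '</a> has been uploaded';
    } else {
        http_response_code(500);
        echo 'Upload failed';
    }
}
```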
June 2017
Vivek N