We need to upload an image which is less than 1kb and it provides link to see that image after successful uploading.But this time they resolved remote file inclusion attack by adding some secure function. Let us see whether it is totally secured or not :) Click the view Source code link given in the main page Then You can notice the following code <? The difference between above code and previous level's code is checking the file signature (aka "Magic words" using exif_imagetype function.After reading about the file signature in following link. I understood little bit on signature of the files so to bypass this function i took image which is less than 1kb and I opened it in Notepad++ and added my PHP script at end of the file. <?php I added that echo line to differentiate our password from image data. I uploaded the file and followed the same process which I did in previous level to change the extension to PHP.
Now I got the hyper like of my PHP script, Then i visited that page and got the password for next level. <Existing file data>==================="Lg96M10TdfaPyVBkJdjymbllQ5L6qdl1 Natas14 : Lg**M10****PyVBk****mbllQ5L6****
0 Comments
Your comment will be posted after it is approved.
Leave a Reply. |
Details
Categories
All
Archives
June 2017
Vivek N
An idea can change your life :) |