Web Shell via Polyglot File Upload!

Опубликовано: 20 Январь 2022
на канале: Intigriti

17,979

287

👩‍🎓👨‍🎓 Learn about File Upload vulnerabilities. In this video, we are going to learn how we can insert code into the metadata of a file. We are also going to look at how we can create polyglot files leading to sanitization routine bypasses.

Overview:
00:00 Intro
00:13 Lab overview
00:47 Using Exiftool
01:58 Create Polyglot
04:42 Exploit App
04:40 Manipulate web server config
05:51 Solve lab
06:20 Conclusion

For more information, check out https://blog.intigriti.com/hackademy/...

🔗 Portswigger File Upload Vulnerability Challenge: https://portswigger.net/web-security/...
🔗 Exiftool Download: https://github.com/exiftool/exiftool

🧑‍💻 Sign up and start hacking right now - https://go.intigriti.com/register

👾 Join our Discord - https://go.intigriti.com/discord

🎙️ This show is hosted by / pascalsec (‪@Hacksplained‬ ) & / intigriti

👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com/