- low level
First I want to try hacking the file upload feature of DVWA (Damn Vulnerable Web App). The image below shows the interface of the upload page.
At the low level the testing is very easy: I only choose a PHP file and click Upload, and it is uploaded successfully, as the image below shows.
After the upload succeeds you can access the file in the directory where it was stored: http://172.17.51.105/akatsuki/vulnerabilities/upload/../../hackable/uploads/shell.php
- medium level
Before uploading, view the source code of the upload page.
Look at this line of the source: if (($uploaded_type == "image/jpeg") && ($uploaded_size < 100000)) {
The application only allows a file whose Content-Type is image/jpeg and whose size is under 100000 bytes. If you rename your file to "shell.php.jpg" and click Upload, the request does not go straight to the server: it is intercepted by Burp Suite. If you forward it as-is, the file is uploaded successfully, but only with the image extension, not .php. See the image below.
Before forwarding the intercepted request, erase the *.jpg extension from the filename, like this: before="shell.php.jpg", after="shell.jpg". Then forward it and the file is uploaded successfully. It's an easy job!
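The medium-level check above compares a Content-Type value that the client sends, which is why editing the request in the proxy gets past it. The following added example (my own code, not part of the original post or of DVWA) mirrors that condition beside a hardened server-side check that ignores the claimed type and instead validates size, a single whitelisted extension and the file's magic bytes; the sample uploads are constructed here, and the byte content is a harmless placeholder.

```python
import re

MAX_SIZE = 100000  # same size limit as the DVWA medium-level condition

# Constructed sample uploads: (claimed Content-Type, filename, file bytes)
SAMPLE_UPLOADS = {
    "real_jpeg": ("image/jpeg", "photo.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 16),
    "php_with_spoofed_type": ("image/jpeg", "shell.php", b"<?php /* constructed placeholder */ ?>"),
    "double_extension": ("image/jpeg", "shell.php.jpg", b"<?php /* constructed placeholder */ ?>"),
    "too_large": ("image/jpeg", "big.jpg", b"\xff\xd8\xff\xe0" + b"\x00" * 200000),
}

# Only a plain base name plus exactly one .jpg/.jpeg extension is accepted,
# so "shell.php" and "shell.php.jpg" are both rejected by the same rule.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_-]{1,64}\.(jpe?g)$")


def dvwa_medium_style_check(claimed_type, size):
    """Mirrors the medium-level condition: it trusts the Content-Type the client sent."""
    return claimed_type == "image/jpeg" and size < MAX_SIZE


def sniff_is_jpeg(data):
    """Look at the bytes themselves: a JPEG file starts with FF D8 FF."""
    return data[:3] == b"\xff\xd8\xff"


def hardened_check(claimed_type, filename, data):
    """Server-side validation that never consults the claimed Content-Type.

    Returns (accepted, reason). Even when all three checks pass, the upload
    should be stored under a server-generated name outside the web root so
    that whatever is uploaded is never executed by the web server.
    """
    del claimed_type  # deliberately ignored: attacker-controlled
    if len(data) >= MAX_SIZE:
        return False, "too large"
    if not SAFE_NAME.match(filename):
        return False, "bad filename or extension"
    if not sniff_is_jpeg(data):
        return False, "content is not a JPEG"
    return True, "ok"


def compare(name):
    """Returns (medium_check_result, hardened_check_result) for one sample upload."""
    ctype, fname, data = SAMPLE_UPLOADS[name]
    return dvwa_medium_style_check(ctype, len(data)), hardened_check(ctype, fname, data)[0]
```

The spoofed-type and double-extension samples pass the medium-style check and fail the hardened one, which is exactly the gap the intercept-and-edit step above exploits.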
- high level
When I looked for the vulnerability at this level I ran into trouble during testing, because in my opinion this web app has high security here.
I tried to upload a PHP file and used a local proxy (Burp Suite) to intercept the POST data from the web form (for more information see the Burp Suite help). Then I tried to edit some of the fields in it, but the file still could not be uploaded. Then I tried to upload a file with a double extension like upload.php.jpg, but the result was the same as in the test above.
Let's look at the HTML source of the upload form: