Lab #1 Remote code execution via web shell upload

In this video, we cover Lab #1 in the File Upload Vulnerabilities module of the Web Security Academy. This lab contains a vulnerable image upload function. It doesn't perform any validation on the files users upload before storing them on the server's filesystem. To solve the lab, we upload a basic PHP web shell and use it to exfiltrate the contents of the file /home/carlos/secret. We submit this secret using the button provided in the lab banner.
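The check the lab's upload function is missing, sketched as an added example (not code from the video or the linked repository). The function names, the allowed image types and the size limit are assumptions chosen for illustration.

```python
import os
import secrets

# Assumed allowlist: extension -> accepted leading magic bytes.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed upload size limit

# Constructed sample inputs (not taken from the lab).
PNG_SAMPLE = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32
PHP_SAMPLE = b"<?php echo 'constructed sample'; ?>"


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def validate_image_upload(client_filename: str, data: bytes) -> str:
    """Return a server-chosen storage name, or raise UploadRejected."""
    # Keep only the final path component; drop client-supplied directories.
    base = os.path.basename(client_filename.replace("\\", "/"))
    # Only the last extension counts, so "avatar.png.php" is treated as .php.
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if len(data) > MAX_BYTES:
        raise UploadRejected("file too large")
    # Content must start with a signature belonging to the claimed type.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match extension")
    # Never reuse the client's name: a random name with an allowlisted
    # extension keeps the stored file away from the server's script handlers.
    return secrets.token_hex(16) + ext


def is_accepted(client_filename: str, data: bytes) -> bool:
    """Convenience wrapper: True if the upload passes validation."""
    try:
        validate_image_upload(client_filename, data)
        return True
    except UploadRejected:
        return False
```

A signature check alone does not stop script code appended to a valid image, so the stored files should also live in a directory the web server serves as static content only.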

You can log in to your own account using the following credentials: wiener:peter


▬ 🔗 Links 🔗 ▬▬▬▬▬▬▬▬▬▬

Notes.txt document: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/file-upload-vulnerabilities/lab-01/notes.txt

Python script: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/file-upload-vulnerabilities/lab-01/file-upload-lab-01.py

PHP web shell: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/file-upload-vulnerabilities/lab-01/test.php

Web Security Academy Exercise Link: https://portswigger.net/web-security/file-upload/lab-file-upload-remote-code-execution-via-web-shell-upload

Rana's Twitter account: https://twitter.com/rana__khalil
