Upload Vulnerabilities
Room link: https://tryhackme.com/room/uploadvulns
⚠️ Tools used:
- Burp Suite
- gobuster
- Wappalyzer
Task 1 Getting Started
Let’s deploy the machine and give it a few minutes to boot: click the Start Machine button.
Now you have to configure your own PC. Open the hosts file:
- on Linux: /etc/hosts
- on Windows: C:\Windows\System32\drivers\etc\hosts
Task 2 Introduction
The purpose of this room is to explore some of the vulnerabilities that result from improper handling of file uploads. We will be looking at:
- Overwriting existing files on a server
- Uploading and Executing Shells on a server
- Bypassing Client-Side filtering
- Bypassing various kinds of Server-Side filtering
- Fooling content type validation checks