| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | ||||
| 4 | 5 | 6 | 7 | 8 | 9 | 10 |
| 11 | 12 | 13 | 14 | 15 | 16 | 17 |
| 18 | 19 | 20 | 21 | 22 | 23 | 24 |
| 25 | 26 | 27 | 28 | 29 | 30 | 31 |
Tags
- metacode
- 정처기 필기
- 메타코드M
- 오블완
- 블록체인
- Path Traversal
- 티스토리챌린지
- File Upload
- web3 보안
- amazon s3 트리거
- 메타코드
- ELB
- 정보처리기사
- systems manager
- aws lambda
- 정처기
- web security academy
- Session Manager
- 스마트 컨트랙트
- web3
- 스마트컨트랙트
- web shell
- AWS SSM
- AWS CLI
- splunk db connect
- 보안 그룹
- aws 트리거
- metacodem
- 탈중앙화
- 정처기필기
Archives
- Today
- Total
목록.htaccess (1)
min8282
[File upload] Web shell upload via extension blacklist bypass
This lab contains a vulnerable image upload function. Certain file extensions are blacklisted, but this defense can be bypassed due to a fundamental flaw in the configuration of this blacklist.To solve the lab, upload a basic PHP web shell, then use it to exfiltrate the contents of the file /home/carlos/secret. Submit this secret using the button provided in the lab banner.You can log in to your..
Web Security Academy
2025. 4. 17. 17:02