File upload of DVWA range

2022-07-06 07:49:00 zyf-16

Upload files

File upload refers to a vulnerability that allows us to upload our own files. Through this vulnerability, we can upload Trojans.

Now let's analyze the low-level source code.

The first `if` confirms that an upload was submitted. The `$target_path` variable then sets the location where the uploaded file will be stored and appends the name of our file. If the file is not moved to that location, the upload fails; otherwise, the upload succeeds.

Because the low level does no filtering, we can upload any file.

Now let's look at the medium level.

Here the code gets the name, type, and size of the file we uploaded. If the type is not jpeg or png, or the size is not less than 100kb, the file cannot be uploaded. A file that meets the requirements is moved: if the move fails, the upload fails, and if the move succeeds, the upload succeeds.

We can bypass this with Burp Suite. When we upload another type of file, we capture the request, send it to Repeater, change the file type to image/png, and send it again.

Now let's talk about the high level.

Here a whitelist is defined. The `uploaded_ext` variable holds the extension of the uploaded file, and that extension must be one of the allowed ones.
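The medium-level type check and the high-level extension whitelist described above can be compared side by side. The following is an added example, not DVWA's own code and not from the original post: the function names, the allowlist and the sample files are assumptions constructed for illustration, and it needs PHP's fileinfo extension.

```php
<?php
// Added example: all names here are hypothetical, not DVWA's source.
const ALLOWED = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'png' => 'image/png'];
const MAX_BYTES = 100000;

// Medium-style check: 'type' is copied from the request's Content-Type
// header, so the client chooses its value.
function weak_check(array $f): bool {
    return in_array($f['type'], ['image/jpeg', 'image/png'], true)
        && $f['size'] < MAX_BYTES;
}

// Stricter check: ignore the client-declared type entirely.
function strict_check(array $f): bool {
    $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) return false;                 // extension allowlist
    $size = filesize($f['tmp_name']);                        // measured on the server
    if ($size === false || $size >= MAX_BYTES) return false;
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']); // content sniffing
    return $mime === ALLOWED[$ext];                          // content must match extension
}

// Store under a server-generated name so the client controls neither
// the final file name nor its extension.
function stored_name(string $ext): string {
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Builds a constructed sample shaped like one $_FILES entry.
function sample(string $name, string $declaredType, string $bytes): array {
    $tmp = tempnam(sys_get_temp_dir(), 'up');
    file_put_contents($tmp, $bytes);
    return ['name' => $name, 'type' => $declaredType,
            'size' => strlen($bytes), 'tmp_name' => $tmp];
}

// Constructed data: a PNG signature plus IHDR fields (not a complete image).
$pngHeader = "\x89PNG\r\n\x1a\n\x00\x00\x00\x0dIHDR"
           . "\x00\x00\x00\x01\x00\x00\x00\x01\x08\x02\x00\x00\x00";
$samples = [
    sample('photo.png', 'image/png', $pngHeader),
    sample('notes.php', 'image/png', "<?php echo 'text'; ?>"), // declared type is false
];
foreach ($samples as $f) {
    printf("%-10s weak=%s strict=%s\n", $f['name'],
        var_export(weak_check($f), true), var_export(strict_check($f), true));
    unlink($f['tmp_name']);
}
```

Serving the upload directory without script execution is a separate control that belongs alongside these checks.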

Copyright notice
This article was created by [zyf-16]. Please include a link to the original when reposting. Thank you.
https://yzsam.com/2022/02/202202131853580684.html