DOMPDF RCE

Bookmarked!

This exercise covers the exploitation of a vulnerability in the DOMPDF library

PRO Medium < 1 Hr. 156 Media Badge

Course

In this challenge, you will exploit DOMPDF to gain code execution by injecting a stylesheet that links to a malicious font file. This lab is based on an insightful blog post by Positive Security.

Skills covered

Injection Operating System Network

Included with PRO

Full course content 2 videos

Ready to practice?

Get access to this lab and 600+ hands-on exercises with a PRO subscription.

Go PRO or create a free account