2 Videos for DOMPDF RCE III

PRO
Tier
Medium
2-4 Hrs.
47
Media Badge
image of exercise DOMPDF RCE III: Introduction
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
DOMPDF RCE III: Introduction

In this video, we delve into the DOMPDF RCE III challenge, which is part of the Media Badge series. We explore how a web application uses DOMPDF to generate PDFs and how an attacker can exploit this process to achieve remote code execution.

video duration icon04:02 number of views icon44

 

image of exercise DOMPDF RCE III: Exploitation
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
DOMPDF RCE III: Exploitation

In this video, we cover the DOMPDF RCE III challenge from the Media Badge. We demonstrate how to exploit the vulnerability by uploading a specially crafted PHAR file, creating a web shell on the target server, and achieving Remote Code Execution (RCE).

video duration icon06:46 number of views icon133