2 Videos for DOMPDF RCE

PRO
Tier
difficulty_medium_icon
Medium
clock icon
< 1 Hr.
number of users completed icon
149
badge icon
Media Badge
image of exercise DOMPDF RCE: Introduction
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
DOMPDF RCE: Introduction

In this video, we explore an introduction to the DOMPDF RCE challenge, part of the media badge on PentesterLab. We discuss how attackers can exploit the DOMPDF library to execute remote code by injecting malicious HTML and CSS to create a web shell.

video duration icon05:12 number of views icon199

 

image of exercise DOMPDF RCE: Exploitation
play btn
Access to videos for this exercise is only available with PentesterLab PRO GOPRO
Spoiler
DOMPDF RCE: Exploitation

In this video, we cover the DOMPDF RCE challenge as part of the media badge. We demonstrate how to exploit a Remote Code Execution (RCE) vulnerability in the DOMPDF library by crafting a malicious font file and using it to execute arbitrary PHP code on the server.

video duration icon06:02 number of views icon290