File Upload 02
Bookmarked!This exercise is one of our challenges on Upload vulnerabilities
In this lab, part of the essential badge, you will delve into a source code review of the "Upload 02" challenge. The developer has attempted to restrict file uploads to prevent .php
files from being uploaded by checking if the file name ends with .php
. However, this restriction can be easily bypassed by renaming the file to an alternative extension such as .php3
, which the server will also interpret as a PHP file.
The video transcript provides a detailed walkthrough of the code, highlighting that the uploaded file is placed within the webroot, posing a security risk if the file is executable. The code uses regular expressions to filter out .php
files but fails to account for other PHP extensions, which can be exploited to gain code execution on the server. It also mentions the potential for file overwriting if two files with the same name are uploaded.