RCE via argument injection

This exercise covers a remote command execution vulnerability via argument injection.

PRO Hard 2-4 Hrs. 57 Brown Badge
Course

This lab focuses on exploiting a vulnerability similar to CVE-2020-7115, where you manipulate command-line arguments to gain code execution. The exercise involves a file upload feature that uses clamscan for virus checking and shows how to bypass security functions like basename and escapeshellcmd() in PHP.

Skills covered
Injection, Operating System
