DOMPDF RCE II: Exploitation - part 2


In this video, we continue exploiting DOMPDF RCE by leveraging a crafted PHAR file for remote code execution. Through base64 encoding, URL encoding, and manipulating the payload, we ultimately achieve command execution on the server.

Video duration: 06:55. Views: 153.