Upload Vulnerabilities

• What is the name of the image file which can be overwritten?

mountains.jpg

• Overwrite the image. What is the flag you receive?

THM{OTBiODQ3YmNjYWZhM2UyMmYzZDNiZjI5}

• Run a Gobuster scan on the website using the syntax from the screenshot above. What directory looks like it might be used for uploads?

(N.B. This is a good habit to get into, and will serve you well in the upcoming tasks...)

/resources

• Get either a web shell or a reverse shell on the machine.

What's the flag in the /var/www/ directory of the server? 

THM{YWFhY2U3ZGI4N2QxNmQzZjk0YjgzZDZk}

• What is the traditionally predominant server-side scripting language?

PHP

• When validating by file extension, what would you call a list of accepted extensions (whereby the server rejects any extension not in the list)?

Whitelist

• [Research] What MIME type would you expect to see when uploading a CSV file?

text/csv

• What is the flag in /var/www/?

THM{NDllZDQxNjJjOTE0YWNhZGY3YjljNmE2}

• What is the flag in /var/www/?

THM{MGEyYzJiYmI3ODIyM2FlNTNkNjZjYjFl}

• Grab the flag from /var/www/

THM{MWY5ZGU4NzE0ZDlhNjE1NGM4ZThjZDJh}

• Hack the machine and grab the flag from /var/www/

THM{NzRlYTUwNTIzODMwMWZhMzBiY2JlZWU2}