Bricks Documentation

File upload page #2

  • File upload page with content type verification.
  • Only JPEG, GIF and PNG can be uploaded.

Possibilities

  • The verification mechanism can be bypassed easily, because the content type it checks is supplied by the client in the request.

Uploading PHP Shell

  • Download any PHP shell from a source you know of. b374k-shell is a good choice and is used here; it can be downloaded for free.
  • Upload it using the file upload page.
  • Use any HTTP POST editing tool and change the content type to image/png.
  • Access it by visiting https://<your_ip>/bricks/upload-2/uploads/<file_name>.php
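
The steps above work because the page trusts the content type sent with the upload. The following added example (not code from Bricks; the form field name userfile and the function names are assumptions) puts that weak check beside a server-side check that inspects the file itself and assigns its own file name:

```php
<?php
// Added example: field name 'userfile' and all function names are assumptions.
const ALLOWED = [              // detected MIME type => extension the server assigns
    'image/jpeg' => 'jpg',
    'image/gif'  => 'gif',
    'image/png'  => 'png',
];

// Weak check, as described on this page: trusts the Content-Type of the
// multipart part, which the client can set to any value.
function weak_is_allowed(array $file): bool
{
    return array_key_exists($file['type'], ALLOWED);
}

// Hardened check: inspect the bytes on disk and never reuse the client's
// file name or extension. Returns the extension to store under, or null.
function detect_image_extension(string $tmpPath): ?string
{
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $mime  = $finfo->file($tmpPath);           // sniffed from file content
    if ($mime === false || !isset(ALLOWED[$mime])) {
        return null;
    }
    // Leading magic bytes alone are not proof of an image, so also require
    // that the file parses as an image of the same type.
    $info = @getimagesize($tmpPath);
    if ($info === false || $info['mime'] !== $mime) {
        return null;
    }
    return ALLOWED[$mime];
}

function store_upload(array $file, string $uploadDir): ?string
{
    if ($file['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($file['tmp_name'])) {
        return null;
    }
    $ext = detect_image_extension($file['tmp_name']);
    if ($ext === null) {
        return null;
    }
    // Server-generated name with an allowlisted extension: whatever was
    // uploaded, the stored file no longer ends in .php.
    $name = bin2hex(random_bytes(16)) . '.' . $ext;
    return move_uploaded_file($file['tmp_name'], "$uploadDir/$name") ? $name : null;
}
```

A handler would call store_upload($_FILES['userfile'], $uploadDir) and reject the request when it returns null. Keeping the upload directory outside the web root, or disabling script execution in it, covers the case where a check is missed.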