File upload page #2

• File upload page with content type verification.
• Only JPEG, GIF and PNG can be uploaded.

Possibilities

• Verification mechanism can be bypassed easily.

Uploading PHP Shell

• Download any PHP shell from a source you know of. b374k-shell is a good choice and is used in here, which can be downloaded for free.
• Upload it using the file upload page.
• Use any HTTP POST editing tool and change the content type to image/png.
• Access it by visitng https://<your_ip>/bricks/upload-2/uploads/<file_name>.php