File upload page #2
- File upload page with content type verification.
- Only JPEG, GIF and PNG can be uploaded.
- Verification mechanism can be bypassed easily.
Uploading PHP Shell
- Download any PHP shell from a source you know of. b374k-shell is a good choice and is used in here, which can be downloaded for free.
- Upload it using the file upload page.
- Use any HTTP POST editing tool and change the content type to image/png.
- Access it by visitng https://<your_ip>/bricks/upload-2/uploads/<file_name>.php