Tuesday, November 23, 2021

Simple PHP to Upload File (Insecure)

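Below is PHP code for a simple file upload page. This code is insecure and could allow an upload of a backdoor to your server: it accepts any file type and saves the file under the client-supplied name in an uploads folder beneath the script's own directory.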


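<?php
    // Intentionally insecure: no check on file type, extension, size, or upload errors.
    if (isset($_POST['submit'])) {
        $currentDirectory = getcwd();
        $uploadDirectory = "/uploads/";

        // 'name' is the filename sent by the client; 'tmp_name' is PHP's temporary copy.
        $fileName = $_FILES['f']['name'];
        $fileTempName = $_FILES['f']['tmp_name'];

        // basename() strips directory components, but the client-chosen extension is kept.
        $uploadPath = $currentDirectory . $uploadDirectory . basename($fileName);
        move_uploaded_file($fileTempName, $uploadPath);

        echo "The file " . basename($fileName) . " has been uploaded";
    }
?>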

<html>
<body>
    <form action="upload.php" method="post" enctype="multipart/form-data">
        Upload a File:
        <input type="file" name="f">
        <input type="submit" name="submit" value="Upload">
    </form>
</body>
</html>
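
For comparison, a hardened version of the same handler, added here as an example and not part of the original post. The allowed types, the 2 MiB limit and the UPLOAD_DIR path are assumptions chosen for illustration, and the fileinfo extension is assumed to be enabled.

```php
<?php
// Added example: hardened counterpart to the insecure handler above.
// Assumptions (not from the original post): only PNG/JPEG/PDF are accepted,
// the cap is 2 MiB, and UPLOAD_DIR is a hypothetical directory outside the web root.
const UPLOAD_DIR = '/var/www/private_uploads';
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = [            // detected MIME type => extension assigned by the server
    'image/png'       => 'png',
    'image/jpeg'      => 'jpg',
    'application/pdf' => 'pdf',
];

// Send an HTTP status and an HTML-escaped message, then stop.
function fail(int $status, string $message): void
{
    http_response_code($status);
    exit(htmlspecialchars($message, ENT_QUOTES, 'UTF-8'));
}

if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {
    $file = $_FILES['f'] ?? null;

    // Reject a missing field, array-style multi-uploads, and PHP-reported upload errors.
    if (!is_array($file) || !is_int($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        fail(400, 'Upload failed.');
    }
    if ($file['size'] > MAX_BYTES || !is_uploaded_file($file['tmp_name'])) {
        fail(400, 'File rejected.');
    }

    // Decide the type from the file's content, never from the client-supplied name or type.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !array_key_exists($mime, ALLOWED)) {
        fail(415, 'File type not allowed.');
    }

    // Server-generated name: the client's filename and extension never reach the disk.
    $storedName = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $storedName)) {
        fail(500, 'Could not store the file.');
    }

    echo 'Stored as ' . htmlspecialchars($storedName, ENT_QUOTES, 'UTF-8');
}
```

Content sniffing can be fooled by a crafted file, so the storage directory should also be one where the web server never executes scripts.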
