Level 7: Play with XSS

Let’s move on to the Level 7 section. 

Here, in this section, if we try to upload any file, then we will not receive any link, on which the file is uploaded.

The following PHP code will allow XSS files. But, we can find out the file location using cross-site scripting file upload vulnerability. 

 <?php
$files = @$_FILES["files"];
if ($files["name"] != '') {
$fullpath = $_REQUEST["path"] . $files["name"];
$filename=$files["name"];
if (move_uploaded_file($files['tmp_name'], $fullpath)) {
echo "Uploaded ".$filename;
}
else
echo "Error with this file".$filename;
}
echo '<form method=POST enctype="multipart/form-data" action="">
                      <input type="file" name="files">
                      <input type=submit value="Upload File"></form>';
?>

Save a file with the following cross-site scripting code. 

Now, upload it. Once we upload this file, we will prompt us with the domain name. 

Let’s try to find out, there will be the uploaded file are located. 

The file is uploaded within this same directory.

Let me change this PHP file name to the PHP info file. 

As expected, we have successfully accessed the PHP file.


Tags

You may like these posts

Show more

Post a Comment

0 Comments
* Please Don't Spam Here. All the Comments are Reviewed by Admin.

If you have any doubts or any queries you can specify here.

#buttons=(Ok, Go it!) #days=(20)

Our website uses cookies to enhance your experience. Learn More
Ok, Go it!