Week 49 - File Upload Bypass
Looking for another way of exploiting PHP file uploads?
Say the application properly blocks all attempts at uploading PHP files (.php, .php4, .php5, etc.). If you are lucky enough to find an application that stores file uploads in the web root (e.g. /var/www/html/file.txt), try uploading a file named .htaccess containing the following:
AddType application/x-httpd-php .cth
Now .cth files will execute as PHP, and you can successfully bypass PHP upload restrictions!
This works because .htaccess is a configuration file stored in the web root that controls high-level server settings, like URL redirection and how files are rendered.
Shoutout to John H. and alh4zr3d for this one
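From the defending side, the same behaviour can be checked for in two places: at upload time and on disk. The following is an added example, not code from the original post; the extension allowlist, the function names and the sample .htaccess content are assumptions constructed for illustration.

```python
import os
import re

# Apache directives that can bind a file extension or directory to a handler.
HANDLER_DIRECTIVE = re.compile(
    r"^\s*(AddType|AddHandler|SetHandler|ForceType)\b(.*)$", re.IGNORECASE)
ALLOWED_EXTENSIONS = {".txt", ".png", ".jpg", ".pdf"}  # assumed allowlist

# Constructed sample: the override from the text plus harmless lines.
SAMPLE_HTACCESS = """\
# uploaded by a user
Options -Indexes
AddType application/x-httpd-php .cth
AddType image/webp .webp
"""


def upload_name_allowed(filename):
    """Allowlist check that also refuses dotfiles such as .htaccess."""
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or name.startswith("."):
        return False
    return os.path.splitext(name)[1].lower() in ALLOWED_EXTENSIONS


def find_php_handler_overrides(htaccess_text):
    """Return (line number, directive, line) for lines mapping content to PHP."""
    findings = []
    for lineno, line in enumerate(htaccess_text.splitlines(), 1):
        match = HANDLER_DIRECTIVE.match(line)
        if match and "php" in match.group(2).lower():
            findings.append((lineno, match.group(1), line.strip()))
    return findings


def scan_web_root(root):
    """Walk a directory tree and report PHP handler overrides in .htaccess files."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        if ".htaccess" in files:
            path = os.path.join(dirpath, ".htaccess")
            with open(path, encoding="utf-8", errors="replace") as handle:
                hits = find_php_handler_overrides(handle.read())
            if hits:
                report[path] = hits
    return report
```

An extension blocklist misses this case because .htaccess has no PHP extension, which is why the filename check is an allowlist. Storing uploads outside the web root, or setting AllowOverride None for the upload directory so Apache ignores .htaccess files there, removes the condition the override depends on.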