Preview Image

Remote code execution via polyglot web shell upload

Laboratorio de Portswigger sobre File Upload

Nov 25, 2024 Portswigger, File Upload

Preview Image

Web shell upload via obfuscated file extension

Laboratorio de Portswigger sobre File Upload

Nov 25, 2024 Portswigger, File Upload

Preview Image

Web shell upload via extension blacklist bypass

Laboratorio de Portswigger sobre File Upload

Nov 25, 2024 Portswigger, File Upload

Preview Image

Web shell upload via path traversal

Laboratorio de Portswigger sobre File Upload

Nov 25, 2024 Portswigger, File Upload

Preview Image

File path traversal, validation of file extension with null byte bypass

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal

Preview Image

File path traversal, validation of start of path

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal

Preview Image

File path traversal, traversal sequences stripped with superfluous URL-decode

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal

Preview Image

File path traversal, traversal sequences stripped non-recursively

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal

Preview Image

File path traversal, traversal sequences blocked with absolute path bypass

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal

Preview Image

File path traversal, simple case

Laboratorio de Portswigger sobre Path Traversal

Nov 24, 2024 Portswigger, Path Traversal