Web Shell Upload via Race Condition

👩‍🎓👨‍🎓 Learn about File Upload vulnerabilities and how to exploit them! This lab contains a vulnerable image upload function. Although it performs robust validation on any files that are uploaded, it is possible to bypass this validation entirely by exploiting a race condition in the way it processes them. To solve the lab, we need to upload a basic PHP web shell, then use it to exfiltrate the contents of the file /home/carlos/secret.

Overview:
0:00 Intro
0:26 Recap: file upload vulnerabilities
2:00 Exploiting file upload race conditions
3:07 Lab: Web shell upload via race condition
4:02 Explore profile image upload functionality
6:12 Leverage race condition for RCE
9:14 Conclusion

If you're struggling with the concepts covered in this lab, please review blog.intigriti.com/hackademy/file-upload-vulnerabi… and portswigger.net/web-security/race-conditions 🧠

🔗 ‪@PortSwiggerTV‬ challenge: portswigger.net/web-security/file-upload/lab-file-…

🧑💻 Sign up and start hacking right now - go.intigriti.com/register

👾 Join our Discord - go.intigriti.com/discord

🎙️ This show is hosted by twitter.com/_CryptoCat ( ‪@_CryptoCat‬ ) & twitter.com/intigriti

👕 Do you want some Intigriti Swag? Check out swag.intigriti.com/