Never trust the user input! Introduction Uploaded files can pose a significant risk to web applications which means the security side of file upload forms must be at the maximum level. During penetration testing engagements, you may have seen unrestricted file uploads which can quickly grant you RCE, but it’s not always that easy. In some cases you have to bypass certain restrictions and trick the target application into uploading your malicious shell....
In today’s blog post I’ll be doing a simple source code analysis of vulnerable web blog made by PentesterLab. It’s a basic PHP web app for learning white box testing, meaning that we have access to all of source code. Analysis The first thing I’ll be looking into is index.php file: <?php $site = "PentesterLab vulnerable blog"; require "header.php"; $posts = Post::all(); ?><div class="block" id="block-text"> <div class="secondary-navigation"> <div class="content"> <?php foreach ($posts as $post) { echo $post->render(); } ?...