PHP shell upload with tftp transfer and direct shell.
Many web applications allow users to upload files:
* Web forums let users upload avatars.
* Photo galleries let users upload pictures.
* Collavorative and social networking web sites may allow uploading pictures, videos, documents, etc...
PHP makes file uploading very easy, allowing users to upload any file to your server. But with ease come huge security issues. Though it is not an issue with PHP itself but rather with people using PHP's facilities without understanding the implications.
Almost every application or website I have tested suffered from a variety of security problems, ranging from arbitrary file disclosure to remote arbitrary code execution. In this first article I am going to point out a security hole occurring in file upload implementations. Next time, I will suggest a way to implement a secure file upload, followed by a new way to bypass it and so on.
Happy uploading!
Comentarios