Web security file upload shooting range construction
A file upload vulnerability refers to a web server that allows users to upload files to its file system, but these files may not have been fully validated , such as file name, type, content, or size. Failure to properly enforce these restrictions meant that even the most basic image upload functionality could be used to upload arbitrary potentially dangerous files, including server-side script files for remote code execution.
Disclaimer:
It is strictly forbidden to use the tools and techniques mentioned in this article to conduct illegal attacks, otherwise the consequences will be at your own risk, and the uploader will not bear any responsibility.
Range link: https://pan.baidu.com/s/1I6Sj1oFlahZuwZI45Su6_w Extraction code: tian
Range installation steps:
The first step: (1) Install phpStudy .
Step 2: (1) Modify the common settings of the phpStudy port.
(2) Change port 80 to port 801. (Click "Apply")
Step 3: (1) Open the root directory of the website.
(2) Unzip the upload range and put it in the root directory of the website.
Step 4: Open the browser and enter http://192.168.0.102:801/upload/ (192.168.0.102 is the local IP address, 801 is the port, and upload is the directory)
