Readers can refer to and subscribe to the column: Upload-Labs shooting range offensive and defensive combat
AntSword
For how to use the AntSword tool, refer to:
[Network Security] AntSword (ant sword) actual combat problem solving detailed analysis (entry)
Approach
Backend logic code:
Analysis of the source code shows that the file extension check cannot be bypassed directly here.
This challenge tests the .htaccess bypass.
.htaccess (Hypertext Access) is a configuration file used to configure the behavior of the Apache server. It is usually located in the root directory of the website or in a specific directory, and is used to control the settings of file access permissions, redirection, error handling, authentication, etc. under the directory.
So we can upload a .htaccess file so that the uploaded script file can be accessed and executed as a script.
The .htaccess content is:
<FilesMatch "asdfg.jpg">
SetHandler application/x-httpd-php
</FilesMatch>
This configuration uses the FilesMatch directive in the .htaccess file to apply a setting only to files whose names match the given pattern.
When the server receives a request for the "asdfg.jpg" file, this directive makes the server process it as a PHP script instead of returning it to the user as a static image.
Then we construct asdfg.jpg:
Upload the .htaccess file:
Then upload the script file:
Visit the uploaded file's path, http://localhost/upload-labs-master/upload/asdfg.jpg
The script executes successfully.
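From the defender's side, the condition this pass relies on is easy to check for: an upload directory should never contain a .htaccess that remaps file handlers. The following Python check is an added example, not code from the original post or from upload-labs; the function names and the temporary stand-in upload folder are assumptions, and the sample is the .htaccess content shown above.

```python
import re
import tempfile
from pathlib import Path

# Apache directives that change how a matched file is typed or handled.
_DIRECTIVE_RE = re.compile(
    r"^\s*(SetHandler|AddHandler|AddType|ForceType)\b\s*(.*)$", re.IGNORECASE)
_OPEN_RE = re.compile(r'^\s*<\s*(?:FilesMatch|Files)\s+"?([^">]+)"?\s*>', re.IGNORECASE)
_CLOSE_RE = re.compile(r"^\s*</\s*(?:FilesMatch|Files)\s*>", re.IGNORECASE)

# Constructed sample: the .htaccess content shown in the post.
SAMPLE = '<FilesMatch "asdfg.jpg">\nSetHandler application/x-httpd-php\n</FilesMatch>\n'


def scan_htaccess_text(text):
    """Return (line_no, directive, argument, scope) per handler override."""
    findings, scope = [], None
    for no, line in enumerate(text.splitlines(), 1):
        if line.lstrip().startswith("#"):      # skip comments
            continue
        opened = _OPEN_RE.match(line)
        if opened:                             # entering <Files>/<FilesMatch>
            scope = opened.group(1).strip()
        elif _CLOSE_RE.match(line):            # leaving the section
            scope = None
        else:
            hit = _DIRECTIVE_RE.match(line)
            if hit:
                findings.append((no, hit.group(1), hit.group(2).strip(), scope))
    return findings


def scan_upload_dir(root):
    """Map each .htaccess under root (relative path) to its findings."""
    report = {}
    for path in Path(root).rglob(".htaccess"):
        hits = scan_htaccess_text(path.read_text(errors="replace"))
        if hits:
            report[str(path.relative_to(root))] = hits
    return report


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as upload_dir:   # stand-in upload folder
        Path(upload_dir, ".htaccess").write_text(SAMPLE)
        Path(upload_dir, "asdfg.jpg").write_text("placeholder")
        for name, hits in scan_upload_dir(upload_dir).items():
            for no, directive, arg, scope in hits:
                print(f"{name}:{no}: {directive} {arg} (scope: {scope})")
```

Any finding inside an upload directory is worth treating as an alert. Setting `AllowOverride None` for that directory in the main Apache configuration makes the server ignore uploaded .htaccess files altogether.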
Summary
The above is the detailed analysis of [Network Security] upload-labs Pass-04 problem solving, and the detailed analysis of [Network Security] xss-labs Pass-05 problem solving will be shared later.
I am Qiu said, see you next time.