Malicious file upload : NO path of the uploaded file

doodle · December 3, 2015, 7:00am

Hi friends,

I have just started my career in infosec. I was trying to learn RCE through malicious file upload. I am against jsp application. Application is accepting the JSP file from image logo by using null byte. but after going to the location of uploaded file I am not getting the exact path. Path is like:

http://example.com/getuserlogo?id=somthing. I have crawled the complete application. but didn’t get any thing.

Is there any other way to find out the path. Please suggest me?

Thanks
doodle

yappare · December 4, 2015, 1:20am

Tried wireshark?
sometimes you can something from there

ctus · December 8, 2015, 8:09am

if you have a local instance of the app or access to the app’s backend you will see where there files are uploaded too.

perhaps uploading an image, then viewing the location of the image when it’s re-presented to you to view would be a good place to start looking

nijagaw · December 8, 2015, 1:39pm

You could check online if there is a documentation regarding uploading files with the application you are testing.
You could also find the location for a valid ID, check the file name and then see it that files is referenced in any other part of the application.

Topic		Replies	Views
Trying for xss! Starter Zone	2	1535	May 15, 2021
Am I on the verge of my first bug found? Starter Zone	5	2080	May 16, 2018
How to make more harmful injection in img src=" " with no CSP and trigger js in IMG tag Web Hacking	4	5945	May 7, 2019
Potentially Juicy Leak? Web Hacking	4	1493	July 1, 2019
Accessing JS files in a forbidden folder, is this an issue/bug? Web Hacking	3	1479	November 28, 2019

Malicious file upload : NO path of the uploaded file

Related Topics