Apache

Following this excellent article on ways to bypass upload vulnerabilities

We can craft a .htaccess file to bypass uplaods:

└─$ cat .htaccess AddType application/x-httpd-php .dork

This creates an entry for the upload directory with a new, custom filetype under the name `.dork`

Now we should be able to upload a shell with a .dork extension and be able to run PHP on the web server!

Last updated 2 months ago