Web Shell via Polyglot File Upload!

👩‍🎓👨‍🎓 Learn about File Upload vulnerabilities. In this video, we are going to learn how we can insert code into the metadata of a file. We are also going to look at how we can create polyglot files leading to sanitization routine bypasses.

Overview:
00:00 Intro
00:13 Lab overview
00:47 Using Exiftool
01:58 Create Polyglot
04:42 Exploit App
04:40 Manipulate web server config
05:51 Solve lab
06:20 Conclusion

Comments

Ohh, what a technique man! Thanks intigriti 🤩

khushmanvar

I have said this before on another video, I guess, but you make things look so easy and simple even though they are not 😁❤️ Every time I watch your videos I think, wow, how didn't I get that idea. Learned a new usage of exiftool today from you. Thank you so much for the amazing content ❤️❤️

asaadx

Love the quality of your Burp Suite content - my sub is here :)

hybridshdw

But for better understanding: is it not possible to let the OS execute that comment in the image.png file if we say that the comment is a compiled C binary that does the same as that PHP file_gets_content function does?

eduardprivat

I had trouble with EXIFTOOL, it would complain if there was anything inside <? ?>.
Instead I edited metadata via Windows Explorer > Right click > Details > Title.

After I ran the uploaded file, the output looked garbled, but inside it there was a 32-character string, which is the same length as the codes in previous labs. I tried it and the code was accepted!

vilislacis

My php's MIME type is HTML in Burp Suite, but exiftool shows MIME type as image/png.... what am I doing wrong? :(

ponyride

Nice video!! If I put a reverse shell, does it work? Thanks...

henrycharriere

Thank you for making such an informative video. I keep having this error on my cmd:
Error: Error creating file: C:/example.png_exiftool_tmp - C:/example.png
0 image files updated
1 files weren't updated due to errors
What could be a good way to fix it?

ulrikmagana

Can you make a video about API? Thank you.

dizonnicolefranza.

Do I need to install exiftool for it's a command? Can anyone help me?

jaitavyamishra

This example doesn't work in real-world applications; it only works on your script kiddie testing platforms. The first thing that real-world apps process is the file extension. If the file extension is blacklisted, it won't work; if you change the file extension through Burp proxy from php to jpg, the code will be uploaded but not executed.

MikelLabouf