
Portswigger: Unprotected admin functionality Writeup

Lab link. This lab has an unprotected admin panel. Solve the lab by deleting the user carlos. We start by requesting the robots.txt file. Its Disallow rule only asks the named user agent (here, all bots) not to crawl the URL path /administrator-panel; it does not restrict access to that path, and it discloses the path to anyone who reads the file. In other words, the website does not want search engines to index /administrator-panel, which tells us exactly where to look. Try to …

Portswigger: Exploiting XInclude to retrieve files Writeup

Lab link. This lab has a “Check stock” feature that embeds the user input inside a server-side XML document that is subsequently parsed. Because you don’t control the entire XML document, you can’t define a DTD to launch a classic XXE attack. To solve the lab, inject an XInclude statement to retrieve the contents of the /etc/passwd file. XInclude is a …
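The following is an added example, not code from the writeup or from PortSwigger, showing why an XInclude element works where a DTD cannot: the attacker only controls the value of one element, but a parser with XInclude processing enabled will still fetch the `href` of any `xi:include` it finds in the document. The stock-check document layout (`stockCheck`/`productId`/`storeId`) is assumed, a temporary file stands in for /etc/passwd so the script runs offline, and the mitigation shown (escaping the value before interpolation, and not enabling XInclude) is the general fix rather than anything the page states.

```python
"""Injected XInclude in a server-side XML document, and the fix.
Added illustration: the document layout and file contents are constructed."""
import os
import tempfile
import xml.etree.ElementTree as ET
from xml.etree import ElementInclude
from xml.sax.saxutils import escape

XI_NS = "http://www.w3.org/2001/XInclude"


def xinclude_payload(path: str) -> str:
    """Attacker-supplied productId value: no DOCTYPE needed, just an xi:include."""
    return f'<xi:include xmlns:xi="{XI_NS}" parse="text" href="{path}"/>'


def build_stock_xml(product_id: str, store_id: str = "1", escaped: bool = False) -> str:
    """Models the server wrapping user input in its own XML document (assumed layout).
    Vulnerable variant interpolates the raw string; fixed variant escapes it first."""
    if escaped:
        product_id = escape(product_id)
        store_id = escape(store_id)
    return (f"<stockCheck><productId>{product_id}</productId>"
            f"<storeId>{store_id}</storeId></stockCheck>")


def parse_stock_check(xml_text: str, resolve_xinclude: bool) -> str:
    """Parses the document and returns the productId text the application would use.
    resolve_xinclude=True models a parser with XInclude processing switched on."""
    root = ET.fromstring(xml_text)
    if resolve_xinclude:
        ElementInclude.include(root)   # expands xi:include, reading href from disk
    return root.findtext("productId") or ""


def run_demo() -> dict:
    """Writes a constructed stand-in for /etc/passwd, runs the three cases, cleans up."""
    secret = "root:x:0:0:root:/root:/bin/bash\n"   # constructed, not a real passwd file
    with tempfile.NamedTemporaryFile("w", suffix=".txt", delete=False) as f:
        f.write(secret)
    target = f.name
    payload = xinclude_payload(target)
    try:
        return {
            "target": target,
            "secret": secret,
            # raw interpolation + XInclude on: file contents come back in productId
            "vulnerable": parse_stock_check(build_stock_xml(payload), True),
            # XInclude off: the element is parsed but never resolved, so no text
            "xinclude_off": parse_stock_check(build_stock_xml(payload), False),
            # escaped interpolation: the payload is inert text even with XInclude on
            "escaped": parse_stock_check(build_stock_xml(payload, escaped=True), True),
        }
    finally:
        os.unlink(target)


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value!r}")
```

`parse="text"` is what makes the payload useful against a non-XML file such as /etc/passwd: with the default `parse="xml"` the included content would have to be well-formed XML. Whether the stolen text reaches the attacker still depends on the application echoing `productId` back, which is what the lab's error message does.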

Writeup: Web shell upload via obfuscated file extension

Lab link. If the application checks the file extension, there are several ways to get around that check. In this lab we use a null byte (%00) to bypass the extension check: the check sees the harmless extension after the null byte, while the file system truncates the name at the null byte. In the response to the upload request, we see that our file was uploaded. In the GET /files/avatars/ request we adjust the file name …

Writeup: Web shell upload via extension blacklist bypass

Lab link. The application relies on an extension blacklist, but the blacklist does not cover .htaccess: if we upload our own .htaccess file, we can tell the server to execute any extension we choose as PHP. A file with the .php extension is rejected. We make changes to the POST /my-account/avatar request. Now we can upload files with the .l33t extension. We change …

Writeup: Web shell upload via path traversal

Lab link. A system can contain more than one vulnerability, and one vulnerability can be chained with another. In this lab, a path traversal sequence in the uploaded file name lets us write the file outside the intended upload directory. The lab asks us to read the file /home/carlos/secret. We create a PHP file to access …
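The three upload writeups above (null byte, blacklist bypass via .htaccess, path traversal) each defeat a different weak check. The following is an added example, not code from the writeups or from PortSwigger, that models an avatar upload handler in Python: one function applies the naive check from each lab and returns the path that really lands on disk, and a hardened function rejects all three. The on-disk root /var/www/files/avatars, the blacklist contents and the allowed image extensions are assumptions. In the blacklist lab the uploaded .htaccess carries an Apache directive (AddType) that maps .l33t to the PHP handler, which is why the .htaccess upload has to succeed before the .l33t upload matters.

```python
"""Upload file-name handling: three naive checks and their bypasses, plus a
hardened version. Added illustration; paths and lists are assumed."""
import posixpath
import secrets
from typing import Callable, Optional
from urllib.parse import unquote

UPLOAD_DIR = "/var/www/files/avatars"            # assumed on-disk location of /files/avatars/
PHP_BLACKLIST = {"php", "phtml", "php5"}          # assumed blacklist contents
ALLOWED_IMAGE_EXT = {"jpg", "jpeg", "png", "gif"}  # allowlist used by the hardened handler


def extension_of(name: str) -> str:
    return name.rsplit(".", 1)[-1].lower() if "." in name else ""


# --- the naive check each lab's handler applies -----------------------------
def suffix_allowlist(name: str) -> bool:
    """'Obfuscated file extension' lab: only looks at the trailing extension."""
    return name.lower().endswith((".jpg", ".png"))


def extension_blacklist(name: str) -> bool:
    """'Extension blacklist bypass' lab: rejects known PHP extensions and nothing else."""
    return extension_of(name) not in PHP_BLACKLIST


def no_extension_check(name: str) -> bool:
    """'Path traversal' lab: any name accepted; safety rests on where the file is stored."""
    return True


def vulnerable_destination(raw_filename: str, check: Callable[[str], bool]) -> Optional[str]:
    """Decodes the multipart filename, runs the given check, and returns the path
    that actually ends up on disk (None if the check rejected it)."""
    name = unquote(raw_filename)               # %00 -> NUL, %2f -> '/'
    if not check(name):
        return None
    on_disk = UPLOAD_DIR + "/" + name          # plain concatenation: no basename(), no normalisation
    on_disk = on_disk.split("\x00", 1)[0]     # C-level file APIs stop at the first NUL byte
    return posixpath.normpath(on_disk)        # shows where '../' really resolves


def hardened_destination(raw_filename: str, token: Optional[str] = None) -> Optional[str]:
    """Allowlist the extension, discard the client's directory part, refuse NUL
    bytes and dotfiles, and store under a server-chosen random name."""
    name = unquote(raw_filename)
    if "\x00" in name:
        return None
    name = posixpath.basename(name.replace("\\", "/"))  # drops any ../ or absolute prefix
    if not name or name.startswith("."):                # .htaccess, .user.ini and friends
        return None
    ext = extension_of(name)
    if ext not in ALLOWED_IMAGE_EXT:                    # allowlist, never a blacklist
        return None
    stored = f"{token or secrets.token_hex(8)}.{ext}"   # client name is used only for its extension
    dest = posixpath.normpath(posixpath.join(UPLOAD_DIR, stored))
    if posixpath.dirname(dest) != UPLOAD_DIR:           # defence in depth: must stay in the directory
        return None
    return dest


if __name__ == "__main__":
    cases = [
        ("exploit.php%00.jpg", suffix_allowlist),   # null byte: check passes, NUL truncates the name
        (".htaccess", extension_blacklist),         # not on the blacklist, reconfigures Apache
        ("exploit.l33t", extension_blacklist),      # executed as PHP once .htaccess is in place
        ("..%2fexploit.php", no_extension_check),   # escapes the non-executing avatars directory
    ]
    for raw, check in cases:
        print(f"{raw!r:24} vulnerable -> {vulnerable_destination(raw, check)!r}"
              f"   hardened -> {hardened_destination(raw)!r}")
```

The traversal case shows why `%2f` rather than a literal `/` matters in the lab: the handler only decodes after any earlier stripping, so the decoded `../` survives into the concatenated path and `normpath` resolves it one directory up. The hardened handler never lets the client influence the directory or the stored name, which also neutralises double extensions such as exploit.php.jpg; serving the directory without a PHP handler remains a separate, complementary control.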