Notes
  • 👀About me
  • ℹī¸Good Reads
  • 🌐Web
    • Web Pentesting Checklist
    • Insecure Deserialization
    • Blind XPath Injection
    • GraphQL
    • Reverse Shells
      • IIS
    • Content-Security-Policy
      • XSS (Static Nonce in CSP)
    • LLM (Large Language Models)
  • 📘Windows API
    • C# - P/Invoke
  • ☕Miscellaneous Topics
    • Phishing with Gophish
    • Pentest Diaries
      • SQL Queries via Grafana
      • LDAP Pass Back Attack
      • Misconfigured File Upload to RCE
  • 🧃Hack The Box
    • Intelligence
    • Seal
    • Under Construction
    • Previse
    • Return
    • Sauna
    • Nest
  • 📕TryHackMe
    • Wordpress CVE-2021-29447
    • Attacktiv
    • Fortress
    • internal
  • 🛠ī¸Cheatsheet
    • Anti-Forensic Techniques
    • JSON - jq
    • Docker
    • Hidden Secrets
    • Database Exploitation
      • PostgreSQL
        • Blind SQLi script
      • SQL Server
    • C Sharp
    • Reversing
      • Windows
    • SSH
    • Python
      • Miscellaneous Scripts
        • Credential Bruteforcing a CLI service
    • Privilege Escalation
      • Windows
    • socat
    • OSINT
      • Shodan
    • Installation
Powered by GitBook
On this page

Was this helpful?

  1. Miscellaneous Topics
  2. Pentest Diaries

Misconfigured File Upload to RCE

Even though file upload functionality responds with a file upload type error, it could still be possible that the file is being uploaded to the web server directory and then being checked. If the file is not deleted on the server after failing the file checks it could lead to RCE.

PreviousLDAP Pass Back AttackNextIntelligence

Last updated 2 years ago

Was this helpful?

☕