Autoplay
Autocomplete
Previous Lesson
Complete and Continue
File Upload Vulnerabilities
Introduction
Course Introduction (2:12)
Course Slides and Scripts
Getting Help
Answering Your Questions (3:11)
Join the Discord Server
File Upload Vulnerabilities - Technical Deep Dive
Agenda (0:44)
What is a File Upload Vulnerability (5:10)
How to Find File Upload Vulnerabilities (9:00)
How to Exploit File Upload Vulnerabilities (7:19)
How to Prevent File Upload Vulnerabilities (2:51)
Additional Resources (0:41)
Lab Environment Setup
Lab Environment Setup (7:21)
Step-by-Step Guide
Hands-On File Upload Vulnerabilities Labs
Lab #1 Remote code execution via web shell upload (27:53)
Lab #2 Web shell upload via Content-Type restriction bypass (23:08)
Lab #3 Web shell upload via path traversal (26:54)
Lab #4 Web shell upload via extension blacklist bypass (30:11)
Lab #5 Web shell upload via obfuscated file extension (23:42)
Lab #6 Remote code execution via polyglot web shell upload (7:29)
Lab #7 Web shell upload via race condition (13:15)
Thank You!
Thank You!
Course Introduction
Complete and Continue