Subscribed to: https://medium.com/@kerstan
Hello everyone, I’m Kerstan.
Today is Bug bounty Tuesday, I will share with you about the useful file upload tip in bug bounty.
So, let’s dive right in.
If you can upload.zip file on target then:
1. Create a.php file(rce.php)
2. Compress it to a.zip file(file.zip)
3. Upload your.zip file on the vulnerable web application.
4. Trigger your RCE via: https://<target Site>.com/index.php?page=zip://path/file.zip#rce.php
If this writing has been helpful to you, please consider giving it a clap and following. Thanks bro.
Alternatively, you can just buy me a coffee here, any sort of support is much appreciated. Enjoy your reading.
If you want to learn more knowledge about Bug Bounty Tuesday, please be sure to take a look at my latest articles.