In this tutorial, we will learn how to handle file uploads in a PHP application. We will create a custom UI to upload images and videos with drag-and-drop functionality, progress bars, and backend support for file uploads and validations. | ImageKit.io Blog
Published on | offsec.almond.consulting
Pilgrimage starts with a website that reduces image size. I’ll find an exposed Git repo on the site, and use it to see it’s using a version of ImageMagick to do the image reduction that has a file read vulnerability. I’ll use that to enumerate the host and pull the SQLite database. That database gives a plaintext password that works for SSH. There’s a script run by root that’s monitoring file uploads using inotifywait. When there’s a file, it runs binwalk on the file to look for exe... | 0xdf hacks stuff