File path traversal, validation of file extension with null byte bypass
Let's access the image through the browser.
We can now intercept this request in Burp Suite using the Proxy.
Now, we can forward the request to the Repeater to makes changes in it.
Let's change the filename parameter to the following and forward the request:
The server expects a .png file extension. We can use %00 characters before the extension so that our string gets terminated before the extension
We have successfully solved the lab.
Last updated
Was this helpful?