File upload - Double extensions

20 Punkte

Gallery v0.02

Autor

g0uZ, 24 Dezember 2012

Stufe

Validierung

16686 Herausforderer 11%

Bewertung

788 votes

Bitte loggen Sie sich ein um auf diese Seite zugreifen zu können

1 Musterlösung

Musterlösungen anschauen Eine Musterlösung vorschlagen

Ergebnisse der Übungen

Nickname	Übungen	Sprache	date
NixOTrix	File upload - Double extensions		15. November 2019 zu 18:36
arcnet	File upload - Double extensions		15. November 2019 zu 18:35
meowtehkat	File upload - Double extensions		15. November 2019 zu 17:42
150k	File upload - Double extensions		15. November 2019 zu 17:24
alphyr	File upload - Double extensions		15. November 2019 zu 15:13
opusidea	File upload - Double extensions		15. November 2019 zu 15:00
Hatoo	File upload - Double extensions		15. November 2019 zu 14:07
Daredevil	File upload - Double extensions		15. November 2019 zu 13:13
Salamandre55	File upload - Double extensions		15. November 2019 zu 13:11
Osatech	File upload - Double extensions		15. November 2019 zu 12:10

61 Übungen

Ergebnis	Name der Übung	Validierung	Anzahl der Punkte	Schwierigkeitsgrad	Autor	Bewertung	Musterlösung
	HTML - Source code	48% 75451	5		g0uZ		2
	HTTP - Open redirect	17% 25969	10		Swissky		1
	HTTP - User-agent	24% 37653	10		g0uZ		3
	Weak password	34% 53723	10		g0uZ		1
	PHP - Command injection	16% 25019	10		sambecks		4
	Backup file	17% 26902	15		g0uZ		1
	HTTP - Directory indexing	24% 37090	15		g0uZ		1
	HTTP - Headers	16% 24768	15		Arod		1
	HTTP - POST	11% 16245	15		Th1b4ud		1
	HTTP - Improper redirect	12% 18964	15		Arod		1
	HTTP - Verb tampering	15% 22465	15		g0uZ		1
	Install files	15% 22516	15		g0uZ		1
	CRLF	10% 14526	20		g0uZ		1
	File upload - Double extensions	11% 16686	20		g0uZ		1
	File upload - MIME type	9% 13012	20		g0uZ		2
	HTTP - Cookies	14% 20860	20		g0uZ		1
	Insecure Code Management	1% 1326	20		Swissky		0
	JSON Web Token (JWT) - Introduction	2% 1912	20		Knowledge		0
	Directory traversal	11% 17383	25		g0uZ		1
	File upload - Null byte	8% 12076	25		g0uZ		1
	JSON Web Token (JWT) - Weak secret	1% 1264	25		Jrmbt		0
	PHP - assert()	5% 6912	25		Birdy42		1
	PHP - Filters	7% 10559	25		g0uZ		1
	PHP - register globals	6% 8821	25		g0uZ		1
	File upload - ZIP	3% 3935	30		ghozt		0
	Command injection - Filter bypass	2% 2914	30		sambecks		0
	Java - Server-side Template Injection	4% 4909	30		righettod		0
	JSON Web Token (JWT) - Public key	1% 657	30		Jrmbt		0
	Local File Inclusion	9% 13494	30		g0uZ		0
	Local File Inclusion - Double encoding	5% 6386	30		zM		1
	PHP - Loose Comparison	2% 3044	30		ghozt		0
	PHP - preg_replace()	4% 4898	30		sambecks		0
	PHP - type juggling	3% 4672	30		vic		0
	Remote File Inclusion	4% 5784	30		g0uZ		2
	SQL injection - Authentication	13% 19557	30		g0uZ		2
	SQL injection - Authentication - GBK	3% 4061	30		dvor4x		0
	SQL injection - String	6% 8952	30		g0uZ		2
	XSLT - Code execution	2% 1594	30		ghozt		1
	LDAP injection - Authentication	4% 5314	35		g0uZ		1
	NoSQL injection - Authentication	3% 3976	35		mastho		0
	PHP - Path Truncation	2% 2980	35		Geluchat		0
	PHP - Serialization	3% 3690	35		Arod		0
	SQL injection - Numeric	5% 6844	35		g0uZ		0
	SQL Injection - Routed	2% 1968	35		soka		0
	SQL Truncation	3% 3213	35		Geluchat		0
	XML External Entity	2% 2411	35		sambecks		0
	XPath injection - Authentication	3% 3963	35		g0uZ		0
	Java - Spring Boot	1% 1028	40		dvor4x		0
	Local File Inclusion - Wrappers	1% 1504	40		sambecks		0
	PHP - Eval	1% 1169	40		chmod		0
	SQL injection - Error	3% 3303	40		sambecks		0
	SQL injection - Insert	1% 1413	40		sambecks		0
	SQL injection - File reading	2% 2562	40		Arod		0
	XPath injection - String	2% 2122	40		g0uZ		0
	NoSQL injection - Blind	1% 1388	45		ghozt		0
	SQL injection - Time based	2% 2395	45		ycam		0
	Server Side Request Forgery	1% 496	50		sambecks		0
	SQL injection - Blind	3% 3759	50		g0uZ		0
	LDAP injection - Blind	1% 1549	55		g0uZ		0
	XPath injection - Blind	1% 1033	75		g0uZ		0
	SQL injection - Filter bypass	1% 1030	80		sambecks		0