File upload - Double extensions

20 Punkte  0x0

Galerie v0.02

Autor

g0uZ,  

Stufe  Schwierigkeitsgrad

Validierung

32813 Herausforderer 11%

Bewertung  Bewertung

1
2
3
4
5
1312 votes

Bitte loggen Sie sich ein um auf diese Seite zugreifen zu können

solutions 1 Musterlösung

Musterlösungen anschauen Eine Musterlösung vorschlagen

Ergebnisse der Übungen Ergebnisse der Übungen

Nickname Übungen Sprache date
yume Web - Serveur  File upload - Double extensions fr 25. April 2024 zu  13:36
Ansar Web - Server  File upload - Double extensions en 25. April 2024 zu  12:31
sevenfold Web - Serveur  File upload - Double extensions fr 25. April 2024 zu  03:31
wez Web - Server  File upload - Double extensions en 24. April 2024 zu  19:45
jhabli Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  18:36
RrenWa Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  18:08
ebonnet Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  16:49
TheDarkire Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  11:55
i.dont.want.to.be.a.script.kiddie Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  11:54
Havzer Web - Serveur  File upload - Double extensions fr 24. April 2024 zu  10:48

challenges 92 Premium Übungen

Ergebnis Name Validierung Anzahl der Punkte  Erklärung der Punktevergabe Schwierigkeitsgrad  Schwierigkeitsgrad Autor Bewertung  Bewertung Musterlösung date
pas_valide HTML - Source code 49% 157680 5 g0uZ 2 3. Oktober 2006
pas_valide PHP - Serialization 2% 6448 35 Arod 0 3. Februar 2014
pas_valide GraphQL - Backend injection 1% 322 40 apges01 0 19. Januar 2023
pas_valide API - Broken Access 2 1% 65 40 Nishacid , Mika 0 18. Januar 2024
pas_valide Yaml - Deserialization 1% 1237 35 Nishacid 0 20. April 2021
pas_valide XPath injection - Authentication 2% 6265 35 g0uZ 0 27. Dezember 2012
pas_valide XML External Entity 2% 5217 35 sambecks 0 20. Oktober 2014
pas_valide SQL Truncation 2% 6235 35 Geluchat 0 1. Mai 2015
pas_valide SQL Injection - Routed 2% 4917 35 soka 0 24. Dezember 2016
pas_valide SQL injection - Numeric 5% 13954 35 g0uZ 0 24. Dezember 2012
pas_valide PHP - Path Truncation 2% 5171 35 Geluchat 0 25. März 2015
pas_valide Java - Spring Boot 1% 2219 40 dvor4x 0 24. Dezember 2016
pas_valide NoSQL injection - Authentication 3% 7281 35 mastho 0 31. Mai 2015
pas_valide Node - Serialize 1% 1136 35 Mhd_Root 0 24. Februar 2021
pas_valide LDAP injection - Authentication 3% 9743 35 g0uZ 1 26. Mai 2013
pas_valide JWT - Unsecure Key Handling 1% 581 35 Nishacid , Mika 0 23. Februar 2023
pas_valide Elixir - EEx 1% 151 35 lolo42 0 29. November 2023
pas_valide XSLT - Code execution 2% 3502 30 ghozt 1 16. Juli 2017
pas_valide SQL injection - String 7% 20310 30 g0uZ 2 24. Dezember 2012
pas_valide SQL injection - Authentication - GBK 3% 9004 30 dvor4x 0 2. Dezember 2015
pas_valide SQL injection - Authentication 14% 42945 30 g0uZ 2 27. Februar 2011
pas_valide GraphQL - Mutation 1% 1453 40 CanardMandarin 0 20. Oktober 2020
pas_valide Local File Inclusion - Wrappers 2% 3423 40 sambecks 0 2. März 2016
pas_valide PHP - type juggling 3% 8436 30 vic 0 10. März 2016
pas_valide NodeJS - vm escape 1% 671 50 Podalirius 0 15. April 2021
pas_valide XPath injection - Blind 1% 2177 75 g0uZ 0 27. Dezember 2012
pas_valide Python - Blind SSTI Filters Bypass 1% 548 75 Podalirius 0 7. September 2021
pas_valide SQL Injection Second Order 1% 119 55 k4ndar3c 0 29. November 2023
pas_valide PHP - Unserialize Pop Chain 1% 561 55 Worty 0 22. Oktober 2021
pas_valide PHP - Unserialize overflow 1% 708 55 mayfly 0 4. April 2020
pas_valide LDAP injection - Blind 1% 3207 55 g0uZ 1 8. Juni 2013
pas_valide SQL injection - Blind 3% 7112 50 g0uZ 1 27. Februar 2011
pas_valide Server Side Request Forgery 1% 1715 50 sambecks 0 22. Juni 2018
pas_valide Java - Custom gadget deserialization 1% 46 50 Elweth 0 28. Dezember 2023
pas_valide PHP - Eval 2% 3373 40 chmod 0 8. November 2018
pas_valide SQL injection - Time based 2% 5295 45 ycam 0 11. September 2015
pas_valide NoSQL injection - Blind 1% 2787 45 ghozt 0 26. November 2016
pas_valide NodeJS - Prototype Pollution Bypass 1% 441 45 Worty 0 22. Oktober 2021
pas_valide File upload - Polyglot 1% 377 45 Cyxo 0 8. Juli 2022
pas_valide XPath injection - String 2% 3711 40 g0uZ 1 26. Mai 2013
pas_valide SQL injection - File reading 2% 5704 40 Arod 0 19. Oktober 2014
pas_valide SQL injection - Insert 1% 2977 40 sambecks 0 23. Februar 2015
pas_valide SQL injection - Error 3% 7135 40 sambecks 0 4. März 2015
pas_valide PHP - Eval - Advanced filters bypass 1% 508 40 Podalirius 0 8. Juli 2022
pas_valide Remote File Inclusion 4% 11175 30 g0uZ 2 25. November 2015
pas_valide PHP - preg_replace() 3% 8620 30 sambecks 0 2. März 2016
pas_valide HTTP - IP restriction bypass 8% 23856 10 Cyrhades 0 23. März 2021
pas_valide HTTP - Verb tampering 14% 43326 15 g0uZ 2 3. Februar 2011
pas_valide HTTP - Cookies 14% 42777 20 g0uZ 1 7. Oktober 2006
pas_valide GraphQL - Introspection 1% 2806 20 apges01 0 19. Januar 2023
pas_valide Flask - Unsecure session 1% 1336 20 Sanlokii 0 29. November 2023
pas_valide File upload - MIME type 8% 26151 20 g0uZ 2 26. Dezember 2012
pas_valide File upload - Double extensions 11% 32813 20 g0uZ 1 24. Dezember 2012
pas_valide CRLF 10% 29908 20 g0uZ 1 31. Juli 2011
pas_valide API - Mass Assignment 1% 1066 20 Nishacid , Mika 0 18. Januar 2024
pas_valide Install files 13% 41079 15 g0uZ 1 7. Oktober 2006
pas_valide HTTP - Improper redirect 13% 39715 15 Arod 2 26. November 2014
pas_valide JWT - Introduction 5% 15459 20 Kn0wledge 0 21. August 2019
pas_valide HTTP - POST 14% 45674 15 Th1b4ud 1 14. August 2018
pas_valide HTTP - Headers 16% 51089 15 Arod 2 11. Januar 2015
pas_valide HTTP - Directory indexing 23% 72518 15 g0uZ 1 7. Oktober 2006
pas_valide Backup file 16% 51266 15 g0uZ 1 27. Februar 2011
pas_valide API - Broken Access 1% 1541 15 Nishacid , Mika 0 18. Januar 2024
pas_valide PHP - Command injection 19% 61114 10 sambecks 4 20. September 2017
pas_valide Weak password 32% 102774 10 g0uZ 1 3. Oktober 2006
pas_valide HTTP - User-agent 24% 77881 10 g0uZ 5 3. Oktober 2006
pas_valide HTTP - Open redirect 19% 61715 10 Swissky 3 2. August 2017
pas_valide Insecure Code Management 4% 12537 20 Swissky 1 29. September 2019
pas_valide XSS - Server Side 1% 1706 20 Elf 0 23. Juni 2023
pas_valide PHP - Loose Comparison 3% 6847 30 ghozt 0 10. Januar 2018
pas_valide File upload - ZIP 3% 8892 30 ghozt 0 3. August 2017
pas_valide Node - Eval 1% 2581 30 Mhd_Root 0 24. Februar 2021
pas_valide Local File Inclusion - Double encoding 4% 12125 30 zM_ 1 13. Juni 2016
pas_valide Local File Inclusion 8% 24193 30 g0uZ 0 2. Oktober 2011
pas_valide JWT - Header Injection 1% 853 30 Nishacid , Mika 0 23. Februar 2023
pas_valide JWT - Public key 2% 3446 30 Jrmbt 0 21. August 2019
pas_valide Java - Server-side Template Injection 4% 10001 30 righettod 0 29. November 2015
pas_valide Command injection - Filter bypass 3% 7158 30 sambecks 1 20. September 2017
pas_valide GraphQL - Injection 1% 547 30 apges01 0 19. Januar 2023
pas_valide Flask - Development server 1% 488 30 Sanlokii 0 29. November 2023
pas_valide Python - Server-side Template Injection Introduction 2% 3807 25 Podalirius 0 7. September 2021
pas_valide Directory traversal 11% 33189 25 g0uZ 1 31. Juli 2011
pas_valide PHP - Remote Xdebug 1% 1352 25 mayfly 0 18. März 2020
pas_valide PHP - register globals 5% 14966 25 g0uZ 1 8. Oktober 2011
pas_valide PHP - Filters 6% 18600 25 g0uZ 1 27. Februar 2011
pas_valide PHP - Apache configuration 1% 1884 25 erk3 , nemoz 0 8. Juli 2022
pas_valide PHP - assert() 5% 14483 25 Birdy42 1 26. November 2016
pas_valide JWT - Unsecure File Signature 1% 1504 25 Nishacid , Mika 0 23. Februar 2023
pas_valide JWT - Weak secret 4% 10684 25 Jrmbt 0 21. August 2019
pas_valide JWT - Revoked token 2% 5249 25 ArnC 0 20. März 2020
pas_valide File upload - Null byte 7% 22401 25 g0uZ 1 26. Dezember 2012
pas_valide SQL injection - Filter bypass 1% 2479 80 sambecks 0 21. Juli 2014