File upload - ZIP

30 Points

Unsafe decompression

Author

ghozt, 3 August 2017

Level

Validations

1365 Challengers 2%

Note

120 Votes

To reach this part of the site please login

3 Solutions

Display solutions Submit a solution

Challenge Results

Pseudo	Challenge	Lang	date
0xUKN	File upload - ZIP		26 May 2018 at 13:14
Piratologue	File upload - ZIP		26 May 2018 at 03:20
Tarim	File upload - ZIP		26 May 2018 at 02:13
Siras	File upload - ZIP		26 May 2018 at 00:54
lnwza007	File upload - ZIP		25 May 2018 at 16:46
virus baghdad	File upload - ZIP		25 May 2018 at 15:53
Jessica	File upload - ZIP		25 May 2018 at 14:21
@90n	File upload - ZIP		25 May 2018 at 14:00
Pi3rrot	File upload - ZIP		25 May 2018 at 11:36
nouvellerevolution@protonmail.com	File upload - ZIP		25 May 2018 at 11:12

54 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	HTML	50% 42955	5		g0uZ		1
	HTTP - Open redirect	11% 9383	10		Swissky		8
	Command injection	10% 8547	10		sambecks		7
	Weak password	39% 33680	10		g0uZ		4
	User-agent	26% 22177	10		g0uZ		8
	Backup file	20% 16790	15		g0uZ		6
	HTTP directory indexing	27% 22675	15		g0uZ		3
	HTTP Headers	17% 14428	15		Arod		7
	HTTP verb tampering	16% 13580	15		g0uZ		8
	Install files	17% 14183	15		g0uZ		1
	Improper redirect	13% 10853	15		Arod		7
	CRLF	10% 8438	20		g0uZ		5
	File upload - double extensions	12% 10238	20		g0uZ		6
	File upload - MIME type	10% 7807	20		g0uZ		6
	HTTP cookies	15% 12612	20		g0uZ		5
	Directory traversal	13% 10630	25		g0uZ		1
	File upload - null byte	9% 7382	25		g0uZ		4
	PHP assert()	4% 3405	25		Birdy42		7
	PHP filters	8% 6702	25		g0uZ		3
	PHP register globals	7% 5535	25		g0uZ		1
	File upload - ZIP	2% 1365	30		ghozt		3
	Command injection - Filter bypass	2% 1078	30		sambecks		6
	Local File Inclusion	10% 8597	30		g0uZ		3
	Local File Inclusion - Double encoding	5% 3780	30		zM		3
	PHP - Loose Comparison	1% 861	30		ghozt		3
	PHP preg_replace()	4% 2957	30		sambecks		3
	PHP type juggling	4% 2848	30		vic511		3
	Remote File Inclusion	5% 3800	30		g0uZ		6
	Server-side Template Injection	4% 3007	30		righettod		3
	SQL injection - authentication	14% 12107	30		g0uZ		11
	SQL injection - authentication - GBK	3% 2052	30		dvor4x		3
	SQL injection - string	7% 5591	30		g0uZ		6
	XSLT - Code execution	1% 674	30		ghozt		4
	LDAP injection - authentication	5% 3504	35		g0uZ		8
	NoSQL injection - authentication	3% 2462	35		mastho		5
	Path Truncation	2% 1727	35		Geluchat		3
	PHP Serialization	3% 2505	35		Arod		2
	SQL injection - numeric	6% 4611	35		g0uZ		5
	SQL Injection - Routed	2% 953	35		soka		4
	SQL Truncation	3% 2012	35		Geluchat		2
	XML External Entity	2% 1301	35		sambecks		1
	XPath injection - authentication	4% 2666	35		g0uZ		3
	Java - Spring Boot	1% 516	40		dvor4x		2
	Local File Inclusion - Wrappers	1% 826	40		sambecks		2
	SQL injection - Error	3% 1925	40		sambecks		3
	SQL injection - Insert	2% 867	40		sambecks		2
	SQL injection - file reading	2% 1589	40		Arod		1
	XPath injection - string	2% 1455	40		g0uZ		2
	NoSQL injection - blind	1% 758	45		ghozt		3
	SQL injection - Time based	2% 1410	45		ycam		2
	SQL injection - blind	4% 2776	50		g0uZ		4
	LDAP injection - blind	2% 1029	55		g0uZ		1
	XPath injection - blind	1% 642	75		g0uZ		2
	SQL injection - filter bypass	1% 593	80		sambecks		4