File upload - ZIP

30 Points

Unsafe decompression

Author

ghozt, 3 August 2017

Level

Validations

1712 Challengers 2%

Note

138 Votes

To reach this part of the site please login

3 Solutions

Display solutions Submit a solution

Challenge Results

Pseudo	Challenge	Lang	date
flawseeker	File upload - ZIP		20 August 2018 at 15:25
Fnby	File upload - ZIP		20 August 2018 at 11:52
minhboy1996	File upload - ZIP		20 August 2018 at 06:09
3mptyR04d	File upload - ZIP		19 August 2018 at 21:25
hebi64	File upload - ZIP		19 August 2018 at 20:50
Anh Da Den	File upload - ZIP		19 August 2018 at 19:14
xertux	File upload - ZIP		19 August 2018 at 16:10
Tran Huu Tri	File upload - ZIP		19 August 2018 at 10:17
3tn0	File upload - ZIP		18 August 2018 at 18:43
Hoo	File upload - ZIP		18 August 2018 at 14:12

56 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	HTML	50% 46161	5		g0uZ		1
	HTTP - Open redirect	13% 11457	10		Swissky		9
	Command injection	12% 10638	10		sambecks		8
	Weak password	39% 35765	10		g0uZ		5
	User-agent	26% 23868	10		g0uZ		9
	Backup file	20% 18093	15		g0uZ		6
	HTTP - POST	1% 668	15		Th1b4ud		5
	HTTP directory indexing	27% 24302	15		g0uZ		4
	HTTP Headers	17% 15742	15		Arod		8
	HTTP verb tampering	16% 14760	15		g0uZ		10
	Install files	17% 15282	15		g0uZ		2
	Improper redirect	13% 11831	15		Arod		8
	CRLF	10% 9251	20		g0uZ		6
	File upload - double extensions	12% 11097	20		g0uZ		8
	File upload - MIME type	10% 8494	20		g0uZ		6
	HTTP cookies	15% 13616	20		g0uZ		5
	Directory traversal	13% 11505	25		g0uZ		1
	File upload - null byte	9% 8042	25		g0uZ		4
	PHP assert()	5% 3904	25		Birdy42		8
	PHP filters	8% 7242	25		g0uZ		3
	PHP register globals	7% 6015	25		g0uZ		1
	File upload - ZIP	2% 1713	30		ghozt		3
	Command injection - Filter bypass	2% 1317	30		sambecks		6
	Local File Inclusion	10% 9248	30		g0uZ		3
	Local File Inclusion - Double encoding	5% 4194	30		zM		3
	PHP - Loose Comparison	2% 1215	30		ghozt		3
	PHP preg_replace()	4% 3305	30		sambecks		4
	PHP type juggling	4% 3117	30		vic511		4
	Remote File Inclusion	5% 4110	30		g0uZ		8
	Server-side Template Injection	4% 3317	30		righettod		3
	SQL injection - authentication	14% 12963	30		g0uZ		11
	SQL injection - authentication - GBK	3% 2299	30		dvor4x		3
	SQL injection - string	7% 6056	30		g0uZ		7
	XSLT - Code execution	1% 789	30		ghozt		5
	LDAP injection - authentication	5% 3816	35		g0uZ		8
	NoSQL injection - authentication	3% 2675	35		mastho		6
	Path Truncation	3% 1918	35		Geluchat		3
	PHP Serialization	3% 2667	35		Arod		2
	SQL injection - numeric	6% 4934	35		g0uZ		5
	SQL Injection - Routed	2% 1077	35		soka		4
	SQL Truncation	3% 2190	35		Geluchat		2
	XML External Entity	2% 1459	35		sambecks		1
	XPath injection - authentication	4% 2850	35		g0uZ		4
	Java - Spring Boot	1% 573	40		dvor4x		2
	Local File Inclusion - Wrappers	1% 923	40		sambecks		2
	SQL injection - Error	3% 2187	40		sambecks		3
	SQL injection - Insert	2% 932	40		sambecks		2
	SQL injection - file reading	2% 1802	40		Arod		2
	XPath injection - string	2% 1563	40		g0uZ		2
	NoSQL injection - blind	1% 849	45		ghozt		3
	SQL injection - Time based	2% 1622	45		ycam		2
	Server Side Request Forgery	1% 133	50		sambecks		1
	SQL injection - blind	4% 2947	50		g0uZ		4
	LDAP injection - blind	2% 1107	55		g0uZ		1
	XPath injection - blind	1% 703	75		g0uZ		3
	SQL injection - filter bypass	1% 654	80		sambecks		4