Shell Upload | Task 6

kurtnettle

Problem Statement

Prerequisites

  • Network fundamentals (IP addresses, ports)

  • netcat (basics like creating simple server)

  • Familiarity in using a reverse shell

Solution

Our goal is to execute/run the shell on the server somehow, so how can we do it? At first I thought that maybe if I sent a PUT request to /uploads (I found the folder by viewing the page source the first time I visited the dashboard, and took a note of it), the shell would get uploaded, but unfortunately that wasn’t the case. So I kept poking around and thinking about how to upload the shell. If you remember Task 2, we found admin credentials. Why not use them?

“Upload Food” button! 😈😈😈

Before starting to work with the shell, I need to open a listener so that when the victim opens the script, I will get a terminal here.

The shell script was already given to us, so I just changed the IP and adjusted the port to match my netcat server.

I was a bit confused about the IP address, as I would need a public IP and an open port for it to work, since I didn’t know where the ngrok instance was hosted. I did ask about it, but the instructor told me to use the LAN IP and didn’t tell me where it was hosted.

Let’s upload the shell then

I clicked the food from the dashboard. It took a few seconds and I got a shell.

💡
I usually visit revshells.com for easy generation of various types of shell 😃 (but our rules restricted us to visit only certain websites)
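The upload worked because the "Upload Food" form stored a script as-is and the server ran it when the item was opened. As an added example (not part of the original write-up or the challenge's code), here is a server-side check that would refuse such a file; the allowed types, the size limit and the function name `stored_name` are assumptions.

```python
import secrets

# Assumed policy for a food-photo form: extension -> accepted leading bytes.
ALLOWED = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed size limit


class UploadRejected(ValueError):
    """Raised when an upload fails validation."""


def stored_name(client_name: str, data: bytes) -> str:
    """Validate an upload; return the server-chosen file name to store it under."""
    if not data or len(data) > MAX_BYTES:
        raise UploadRejected("empty or oversized file")
    # Only the final extension of the client's name is used, and only to
    # pick the expected type; the rest of the name is discarded.
    base = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    stem, dot, ext = base.rpartition(".")
    ext = ext.lower()
    if not dot or ext not in ALLOWED:
        raise UploadRejected(f"extension not allowed: {base!r}")
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match extension")
    # Random server-side name: no client-controlled characters, no second
    # extension such as ".php.jpg", no path traversal.
    return f"{secrets.token_hex(16)}.{ext}"


# Constructed sample inputs (not taken from the challenge).
SAMPLES = [
    ("burger.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16),
    ("shell.php", b"#!/bin/sh\n"),
    ("shell.php.jpg", b"#!/bin/sh\n"),
    ("../../index.GIF", b"GIF89a" + b"\x00" * 16),
]

if __name__ == "__main__":
    for name, body in SAMPLES:
        try:
            print(name, "->", stored_name(name, body))
        except UploadRejected as err:
            print(name, "-> rejected:", err)
```

These checks only decide what gets stored; the upload directory should also be served as static files with script execution disabled, since a file can start with valid image bytes and still contain code.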

Conclusion

Due to my incompetence in making the instructor understand the server misconfiguration, I wasted a lot of time on this challenge, even though it was a very simple one. When I was uploading my shell, it was not uploading properly to the server. I thought this was expected and that uploaded items were kept in a directory other than /uploads, so I ran gobuster to discover the folder, but finally the instructor realized his mistake and fixed the issue, and I got the flag!
