
XVWA - Unrestricted File Upload

This lab shows step-by-step how to exploit a File Upload vulnerability on the Xtreme Vulnerable Web Application (XVWA) to gain unauthorized access to the system.

In this scenario, the application allows users to upload files but carries out no checks to prevent malicious files from being uploaded. It highlights how an attacker could exploit this weakness to place malicious files on the target system and run arbitrary commands.

XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts learn application security. The idea is to evangelize web application security to the community in the easiest and most fundamental way possible. Learn and acquire these skills for good purpose.

Why are File Upload vulnerabilities important?

Many applications implement File Upload functionality so that users can upload files to the application. In many cases, however, that functionality lets users upload and execute malicious files on the server. The consequences of a successful File Upload attack can be devastating, because it can allow an attacker to execute arbitrary code on the system and gain access to sensitive information.
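As an added illustration (not XVWA's own code and not part of the lab), the following PHP shows the unchecked upload pattern this scenario exercises next to a handler that performs the checks it omits; the upload directory, size limit and extension allowlist are assumptions.

```php
<?php
// Added example, not XVWA's own code: the unchecked upload pattern beside a
// hardened handler. Assumed: UPLOAD_DIR is served as static files only (PHP
// execution disabled there), and the size limit and allowlist suit the app.
const UPLOAD_DIR = __DIR__ . '/uploads';   // assumed location
const MAX_BYTES  = 2 * 1024 * 1024;        // assumed 2 MiB limit
const ALLOWED    = ['png' => 'image/png', 'jpg' => 'image/jpeg', 'gif' => 'image/gif'];

// Weak pattern: the client-chosen name decides the stored extension, and so
// whether the server will later treat the file as a script.
function upload_unrestricted(array $f): string {
    $dest = UPLOAD_DIR . '/' . $f['name'];
    move_uploaded_file($f['tmp_name'], $dest);
    return $dest;
}

// Hardened pattern: every decision is based on what the server observes.
function upload_checked(array $f): string {
    if ($f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
        throw new RuntimeException('upload failed or not an uploaded file');
    }
    if ($f['size'] > MAX_BYTES) {
        throw new RuntimeException('file too large');
    }
    $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
    if (!isset(ALLOWED[$ext])) {
        throw new RuntimeException('extension not allowed');
    }
    // Sniff the real content; $f['type'] is supplied by the client and ignored.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
    if ($mime !== ALLOWED[$ext]) {
        throw new RuntimeException("content type $mime does not match .$ext");
    }
    // Server-generated name: nothing from the original filename reaches the
    // path, which also neutralises double extensions and path separators.
    $dest = UPLOAD_DIR . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    if (!move_uploaded_file($f['tmp_name'], $dest)) {
        throw new RuntimeException('could not store file');
    }
    chmod($dest, 0644);   // readable, never executable
    return $dest;
}

if (isset($_FILES['file'])) {
    try {
        echo 'stored as ' . htmlspecialchars(basename(upload_checked($_FILES['file'])));
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'rejected: ' . htmlspecialchars($e->getMessage());
    }
}
```

The content sniff and rename do not make the directory safe on their own; a valid image can still carry extra bytes, which is why the assumed no-execute upload directory is part of the mitigation rather than an optional extra.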

What will you learn?

  • Common vulnerabilities affecting File Upload functionality.
  • How to test for and identify such vulnerabilities.
  • How to exploit a File Upload vulnerability to gain Remote Code Execution (RCE) on the system hosting the affected application.

Technical Details

  • This scenario contains one virtual machine.
  • VPN Connection Required: Optional
  • This lab can be completed by either connecting to the CR VPN or by simply utilizing the Web Proxy feature.
  • The examples demonstrated throughout this scenario are based on Linux.

Scenario Pre-requisites

In order to benefit from this scenario it is recommended you have competence in the following areas:

  1. Basic understanding of the HTTP protocol
  2. How web applications work behind the scenes
  3. How to use an HTTP Intercepting Proxy
  4. Basic Linux command line knowledge

About the Author

Marios holds a BSc Computer Science degree from Northumbria University and an MSc degree in Cyber Security from the University of York. He is one of the OWASP Cyprus Chapter Leaders and he is passionate about web application security. He likes to spend his free time mastering his backgammon skills.

  • Mode: Single player
  • Type: CCL
  • Difficulty: Easy
  • Time: 120 minutes
  • Cost: 10 crystals