HackTheBox Zipping

00:00 - Introduction
01:00 - Start of nmap
02:50 - Discovering a likely LFI in product.php but cannot use filters, likely because there is a file_exists() check
05:30 - Playing with the File Upload functionality
08:40 - Talking about the PHAR wrapper in PHP, showing it will bypass the file_exist and we can go into the ZIP to bypass the .pdf check
10:55 - Uploading the phar archive, and getting RCE through the LFI and PHAR wrapper
16:40 - Showing …

bypass can check file file upload hackthebox introduction lfi nmap php product start talking upload wrapper zip