Tiếng Việt
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#php_file_upload kết quả tìm kiếm

NullSecurityX's profile picture. Infosec researcher • Bug bounties & security analysis. Collabs/ads: root@nullsecurityx.codes /
NullSecX
@NullSecurityX
11 thg 10

Unrestricted file-upload bypass: if a server trusts only Content-Type/extension, attackers can use Content-Disposition double-extensions to upload .asp/.php disguised as image/jpeg. magic-bytes ≠ MIME, presence of `<%...%>` or `<?php`, accessible executable URIs. #BugBounty

NullSecurityX's tweet image. Unrestricted file-upload bypass: if a server trusts only Content-Type/extension, attackers can use Content-Disposition double-extensions to upload .asp/.php disguised as image/jpeg. magic-bytes ≠ MIME, presence of `&amp;lt;%...%&amp;gt;` or `&amp;lt;?php`, accessible executable URIs. #BugBounty
5
60
390
260
19K
Yumi_Sec's profile picture. French student & Bug hunter
Yumi
 @Yumi_Sec
24 thg 4, 2020

If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec

Yumi_Sec's tweet image. If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec
13
628
2K
385
0
therceman's profile picture. 👋 I’m Anton (therceman) 🪲 Bug Bounty Hunter 💰 📖 Bug Bounty Book - https://t.co/Y9nGrZydBV
Anton
@therceman
26 thg 9, 2023

Bug Bounty Tip: When testing file upload functionality, don't forget to check for path traversal. This can potentially exploit arbitrary file overwrite vulnerabilities. Doing so could result in the overwriting of static files like JS/HTML or even other users' files. Cheers!

therceman's tweet image. Bug Bounty Tip: When testing file upload functionality, don&apos;t forget to check for path traversal. This can potentially exploit arbitrary file overwrite vulnerabilities. Doing so could result in the overwriting of static files like JS/HTML or even other users&apos; files. Cheers!
2
54
239
105
23K
Savitar0x01's profile picture. 24 | OSCP | Security Engineer - Day | Bug Bounty Hunter - Night | SRT | Gamer | CTF Player | Crypto Enthusiast | Watching & Sharing memes 24/7
M. Qasim Munir
 @Savitar0x01
8 thg 10, 2020

Want to bypass file upload restrictions? Add ' , . " after the file extension just like: file.php' , file.php. , file.php" worked on many targets. #BugBounty #bugbountytips

Savitar0x01's tweet image. Want to bypass file upload restrictions? Add &apos; , . &quot; after the file extension just like: file.php&apos; , file.php. , file.php&quot; worked on many targets. #BugBounty #bugbountytips
5
100
255
98
0
tekbog's profile picture. interested in AI and distributed systems
terminally onλine εngineer
@tekbog
14 thg 12

and then you would upload the files through FTP to the server

tekbog's tweet image. and then you would upload the files through FTP to the server
100
462
7K
330
246K
sardar0x1's profile picture. Offensive Security 🛡 Red Teamer 🎯 | Threat Hunter 🏹 |Penetration Tester 👨🏻‍💻 | Breaker 💣 | Builder 🛠️ | Researcher 🔬
Sardar
 @sardar0x1
10 thg 2

Bypass file upload on xiaomi With this method .extentions./%00.png Example : .php.%00.png #bugbounty #bugbountytips #bug #CYBER

12
72
406
351
21K
0_1VitthalS's profile picture. Cyber Security Enthusiastic #Its_all_Binary
Vitthal Shinde🇮🇳
 @0_1VitthalS
14 thg 7, 2018

when you came up with a file= parameter before trying for other rfi see phpinfo page is accessible or not you might get some juicy information. e.g.file=data:text/plain, <?php phpinfo(); ?> #bugbountytip

0_1VitthalS's tweet image. when you came up with a file= parameter before trying for other rfi see phpinfo page is accessible or not you might get some juicy information. e.g.file=data:text/plain, &amp;lt;?php phpinfo(); ?&amp;gt; #bugbountytip
1
76
188
19
0
sirlonlilokli's profile picture. Software Addicted
Lonli-Lokli
 @sirlonlilokli
6 phút

Looks like formsubmit.io is down, is there any alternative with file.attachments ?

0
0
0
0
1
hipotermia's profile picture. 🦊
hipotermia
 @hipotermia
26 thg 11, 2022

I stumbled upon a file upload that allowed any file type. Because the site was running on PHP, I could upload and execute code on the server, so I tried with a simple shell, but system, exec, passthru... seemed to be disabled. However, there are more ways to exploit this.

hipotermia's tweet image. I stumbled upon a file upload that allowed any file type. Because the site was running on PHP, I could upload and execute code on the server, so I tried with a simple shell, but system, exec, passthru... seemed to be disabled. However, there are more ways to exploit this.
hipotermia's tweet image. I stumbled upon a file upload that allowed any file type. Because the site was running on PHP, I could upload and execute code on the server, so I tried with a simple shell, but system, exec, passthru... seemed to be disabled. However, there are more ways to exploit this.
hipotermia's tweet image. I stumbled upon a file upload that allowed any file type. Because the site was running on PHP, I could upload and execute code on the server, so I tried with a simple shell, but system, exec, passthru... seemed to be disabled. However, there are more ways to exploit this.
3
12
710
6
0
chux13786509's profile picture. Web Warrior 👻 | Bug Hunter | CVE-2024-46990 | CVE-2024-54128 | CVE-2025-29930 | https://t.co/LbpguTTSEk | https://t.co/e9bO0RZKlB
chux
@chux13786509
24 thg 1

Another critical bug 🔥🐞 Combination of two vulnerabilities: Path traversal + File upload = Arbitrary File Write 😈 The vulnerable function behind was php://input without any validation 🤭

chux13786509's tweet image. Another critical bug 🔥🐞 Combination of two vulnerabilities: Path traversal + File upload = Arbitrary File Write 😈 The vulnerable function behind was php://input without any validation 🤭
5
31
424
154
25K
anna_Xtech's profile picture. Backend & Low-Level Dev | Systems Architect | Code Optimizer 👩‍💻
Anna🎉
 @anna_Xtech
21 thg 10

Built a simple FTP server/client in C Features: - Upload / Download files - Easy commands: ls, get, put, quit Learn how sockets transfer files across a network

anna_Xtech's tweet image. Built a simple FTP server/client in C Features: - Upload / Download files - Easy commands: ls, get, put, quit Learn how sockets transfer files across a network
anna_Xtech's tweet image. Built a simple FTP server/client in C Features: - Upload / Download files - Easy commands: ls, get, put, quit Learn how sockets transfer files across a network
0
0
0
0
17
wgujjer11's profile picture. Cybersecurity Analyst | Ethical Hacker | Secure @nasa | #CyberSecurity #
Muhammad Waseem
 @wgujjer11
18 thg 3

WooCommerce plugin allows LFI! 🍃 02: Capture request in Burp 03: Change request method to POST and add: POST /wp-admin/admin-ajax.php?template=../../../../../../../etc/passwd&value=a&min_symbols=1 04: Also add: action=woof_text_search& 05: That’s it! You got local files.

wgujjer11's tweet image. WooCommerce plugin allows LFI! 🍃 02: Capture request in Burp 03: Change request method to POST and add: POST /wp-admin/admin-ajax.php?template=../../../../../../../etc/passwd&amp;amp;value=a&amp;amp;min_symbols=1 04: Also add: action=woof_text_search&amp;amp; 05: That’s it! You got local files.
11
100
616
455
36K
aacle_'s profile picture. Co Founder & COO At https://t.co/mpHluWM1Sk | Security Researcher ✦ 🖊️ Tester
Abhishek Meena 🏵️
 @aacle_
25 thg 12, 2022

If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec

aacle_'s tweet image. If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec
20
160
609
239
57K
benbjurstrom's profile picture. 🛠 Markdown Blogging for Laravel: https://t.co/IV53o1yUf6 🚀 Full stack modules for Laravel and React: https://t.co/evA5d3QhyO
Ben Bjurstrom
@benbjurstrom
21 thg 10

Been working on this file upload module for Laravel and React. It uses S3 compatible storage so the files never touch your app server.

1
1
5
1
253
aarondfrancis's profile picture. Sincere poster. No cynicism. Dad to two sets of twins! - https://t.co/yL0V3eZKDL - https://t.co/wIdhAlsrlX - https://t.co/hM9ogEIevT - @MostlyTechPod
Aaron Francis
@aarondfrancis
14 thg 3, 2022

One of my favorite things about using S3 in PHP is that you can register a stream wrapper to interact with files. You can use the native PHP functions like fopen, fread, etc. Very helpful when you have massive files you don't want to load into memory! (CSVs are a use case.)

aarondfrancis's tweet image. One of my favorite things about using S3 in PHP is that you can register a stream wrapper to interact with files. You can use the native PHP functions like fopen, fread, etc. Very helpful when you have massive files you don&apos;t want to load into memory! (CSVs are a use case.)
9
29
230
67
0
aacle_'s profile picture. Co Founder & COO At https://t.co/mpHluWM1Sk | Security Researcher ✦ 🖊️ Tester
Abhishek Meena 🏵️
 @aacle_
12 thg 11, 2022

If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec More on this🧵 :👇

aacle_'s tweet image. If a web application allow you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE. #BugBounty #BugBountyTips #InfoSec More on this🧵 :👇
7
102
273
95
0
TheMsterDoctor1's profile picture. 👨‍💻 Retired Hacker & Mentor | 🔎 Exposing flaws & leaks | 🛡 AppSec, Bug Bounties | 🧠 Teaching you to find what others miss​!
X
@TheMsterDoctor1
14 thg 1, 2024

File Upload Cheatsheet Where to find In upload file feature, for example upload photo profile feature How to exploit read also this pdf it conayin a many of ideas 1-github.com/Az0x7/vulnerab… by 0xAwali 2-github.com/Az0x7/vulnerab… by ebrahim hegazy

TheMsterDoctor1's tweet image. File Upload Cheatsheet Where to find In upload file feature, for example upload photo profile feature How to exploit read also this pdf it conayin a many of ideas 1-github.com/Az0x7/vulnerab… by 0xAwali 2-github.com/Az0x7/vulnerab… by ebrahim hegazy
TheMsterDoctor1's tweet image. File Upload Cheatsheet Where to find In upload file feature, for example upload photo profile feature How to exploit read also this pdf it conayin a many of ideas 1-github.com/Az0x7/vulnerab… by 0xAwali 2-github.com/Az0x7/vulnerab… by ebrahim hegazy
TheMsterDoctor1's tweet image. File Upload Cheatsheet Where to find In upload file feature, for example upload photo profile feature How to exploit read also this pdf it conayin a many of ideas 1-github.com/Az0x7/vulnerab… by 0xAwali 2-github.com/Az0x7/vulnerab… by ebrahim hegazy
TheMsterDoctor1's tweet image. File Upload Cheatsheet Where to find In upload file feature, for example upload photo profile feature How to exploit read also this pdf it conayin a many of ideas 1-github.com/Az0x7/vulnerab… by 0xAwali 2-github.com/Az0x7/vulnerab… by ebrahim hegazy
3
63
251
198
14K
Dedrknex's profile picture. | ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄ ̄| | I Love Linux | |_________________| Hacking and documneting the my journey in X..
RoHiT
 @Dedrknex
24 thg 10

Found a file upload option escalate it to stored x$$ !!

Dedrknex's tweet image. Found a file upload option escalate it to stored x$$ !!
3
3
98
22
4K
mnadirghafoor's profile picture. Local SEO Expert | GMB Optimization | AI Outreach | Client Acquisition 2025.
Nadir Ghafoor-Local SEO
 @mnadirghafoor
4 thg 2, 2024

"Step into the exciting realm of web development with PHP and Laravel Join us as we embark on a journey where creativity meets practicality, and together, let's craft the future of web development!" #php_file_upload #php_tutorial #programming #corephp #coder #codinglife #Web3

mnadirghafoor's tweet image. &quot;Step into the exciting realm of web development with PHP and Laravel Join us as we embark on a journey where creativity meets practicality, and together, let&apos;s craft the future of web development!&quot; #php_file_upload #php_tutorial #programming #corephp #coder #codinglife #Web3
0
0
1
0
30
Không có kết quả nào cho "#php_file_upload"
mnadirghafoor's profile picture. Local SEO Expert | GMB Optimization | AI Outreach | Client Acquisition 2025.
Nadir Ghafoor-Local SEO
 @mnadirghafoor
4 thg 2, 2024

"Step into the exciting realm of web development with PHP and Laravel Join us as we embark on a journey where creativity meets practicality, and together, let's craft the future of web development!" #php_file_upload #php_tutorial #programming #corephp #coder #codinglife #Web3

mnadirghafoor's tweet image. &quot;Step into the exciting realm of web development with PHP and Laravel Join us as we embark on a journey where creativity meets practicality, and together, let&apos;s craft the future of web development!&quot; #php_file_upload #php_tutorial #programming #corephp #coder #codinglife #Web3
0
0
1
0
30

Something went wrong.


Something went wrong.


United States Trends