Microsoft Word Document Upload to Stored XSS: A Case Study
In Summary : Anytime I see a file upload form during an application test, my attention is piqued. In a best-case scenario, I can upload a ...
https://updatesinfosec.blogspot.com/2018/05/microsoft-word-document-upload-to.html
In Summary :
Anytime I see a file upload form during an application test, my attention is piqued. In a best-case scenario, I can upload a reverse shell in a scripting language available on the webserver. If the application is running in PHP or ASP for example, it becomes quite easy. If I can’t get a backdoor uploaded, I will attempt to try to upload an HTML page to get my own client-side javascript uploaded for XSS attacks [...]
kindly refer the following link as follow up :
https://ift.tt/2I8yzPl
Anytime I see a file upload form during an application test, my attention is piqued. In a best-case scenario, I can upload a reverse shell in a scripting language available on the webserver. If the application is running in PHP or ASP for example, it becomes quite easy. If I can’t get a backdoor uploaded, I will attempt to try to upload an HTML page to get my own client-side javascript uploaded for XSS attacks [...]
kindly refer the following link as follow up :
https://ift.tt/2I8yzPl
