Crappyshare (Exploit, PHP)
Description
Z and Gizmore were thinking of a file-sharing company, Crappyshare, to collect the latest warez and earn money in one go.
While gizmore was working with the designer on the xhtml/css stuff, Z implemented the upload script,
and we got first results...but it seems to contain a vulnerability somewhere.
Some crackers already managed to gather sensitive local files (solution.php) and broke into the server.
Could you please help us to find the vulnerability?
Click here to see the code.
Note: This challenge is simulated as this would have been a real security issue. Multiple solutions are accepted.
While gizmore was working with the designer on the xhtml/css stuff, Z implemented the upload script,
and we got first results...but it seems to contain a vulnerability somewhere.
Some crackers already managed to gather sensitive local files (solution.php) and broke into the server.
Could you please help us to find the vulnerability?
Click here to see the code.
Note: This challenge is simulated as this would have been a real security issue. Multiple solutions are accepted.
© 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020, 2021, 2022, 2023 ja 2024 by Gizmore