Re: Password policy.
So using the file uploader tool we can inject many more dangerous scripts and codes to gain higher access than just “reading” /etc/shadow if the uploader tool is running as privileged user or we gained privilege escalation another way.
Sent from my iPhone
> On Nov 14, 2018, at 7:20 PM, Andrew McGlashan <andrew.mcglashan@affinityvision.com.au> wrote:
>
>
>
>> On 14/11/18 9:28 pm, Corey Manshack wrote:
>> If they have /etc/shadow why would they need to brute force :) I can’t think of a vuln that would give that up without them already having root.
>
> A website file uploader tool, apparantly there has been one there for
> about 10 years using jquery. Once the file is uploaded, it can be
> leveraged to steel other files that the website shouldn't have access to.
>
> That's just one example. I'm sure there are many others.
>
> A.
Reply to: