Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #35301
    budoya
    Participant

    It seems I cant upload images here to show the problem. I’m having trouble getting the burp proxy exploit to work on the medium security DVWA. I’ll explain as best I can:

    Burp successfully is intercepting the shell.jpg upload.

    I am changing it to shell.php before forwarding.

    When forwarding I get the error on the DVWA upload page simply saying “Image was not uploaded”.

    #35317
    Vashisht Boodhun
    Participant

    Can you try to generate another shell as shell2 and try again?

    #35476
    budoya
    Participant

    Hi,

    I re-tried today, with several attempts at renaming ‘shell2’, ‘shell3’ etc, but it doesn’t seem to upload. Still the same ‘your image was not uploaded’ in red text.

    #35477
    budoya
    Participant

    I believe I solved the issue, sort of. Reading the burp suite output I noticed that there were cookies for security=high. It seems that sometimes when submitting security to medium it may glitch and still retain high security. After going back and re-submitting it as medium security it worked fine. However, this did happen a couple of times in a row, so it took a few tries.

    Thanks.

    #35491
    Vashisht Boodhun
    Participant

    Glad to know that you were able to fix this issue. Please don’t hesitate to contact if you need anything else:)

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.