- April 29, 2020 at 2:43 am #35301
It seems I cant upload images here to show the problem. I’m having trouble getting the burp proxy exploit to work on the medium security DVWA. I’ll explain as best I can:
Burp successfully is intercepting the shell.jpg upload.
I am changing it to shell.php before forwarding.
When forwarding I get the error on the DVWA upload page simply saying “Image was not uploaded”.April 29, 2020 at 9:07 am #35317Vashisht BoodhunParticipant
Can you try to generate another shell as shell2 and try again?May 1, 2020 at 3:28 am #35476
I re-tried today, with several attempts at renaming ‘shell2’, ‘shell3’ etc, but it doesn’t seem to upload. Still the same ‘your image was not uploaded’ in red text.May 1, 2020 at 3:54 am #35477
I believe I solved the issue, sort of. Reading the burp suite output I noticed that there were cookies for security=high. It seems that sometimes when submitting security to medium it may glitch and still retain high security. After going back and re-submitting it as medium security it worked fine. However, this did happen a couple of times in a row, so it took a few tries.
Thanks.May 1, 2020 at 8:58 am #35491Vashisht BoodhunParticipant
Glad to know that you were able to fix this issue. Please don’t hesitate to contact if you need anything else:)
- You must be logged in to reply to this topic.