Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • April 29, 2020 at 2:43 am #35301
    budoya
    Participant

    It seems I cant upload images here to show the problem. I’m having trouble getting the burp proxy exploit to work on the medium security DVWA. I’ll explain as best I can:

    Burp successfully is intercepting the shell.jpg upload.

    I am changing it to shell.php before forwarding.

    When forwarding I get the error on the DVWA upload page simply saying “Image was not uploaded”.

    April 29, 2020 at 9:07 am #35317
    Vashisht Boodhun
    Participant

    Can you try to generate another shell as shell2 and try again?

    May 1, 2020 at 3:28 am #35476
    budoya
    Participant

    Hi,

    I re-tried today, with several attempts at renaming ‘shell2’, ‘shell3’ etc, but it doesn’t seem to upload. Still the same ‘your image was not uploaded’ in red text.

    May 1, 2020 at 3:54 am #35477
    budoya
    Participant

    I believe I solved the issue, sort of. Reading the burp suite output I noticed that there were cookies for security=high. It seems that sometimes when submitting security to medium it may glitch and still retain high security. After going back and re-submitting it as medium security it worked fine. However, this did happen a couple of times in a row, so it took a few tries.

    Thanks.

    May 1, 2020 at 8:58 am #35491
    Vashisht Boodhun
    Participant

    Glad to know that you were able to fix this issue. Please don’t hesitate to contact if you need anything else:)

  • Author
    Posts
Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.