Skip to main content

One post tagged with "PHP Type Juggling"

PHP Type Juggling is a vulnerability that occurs when the language's automatic type conversion feature is exploited to bypass security controls and execute malicious code. In PHP, certain types (e.g., strings) are cast to integers or other types under specific conditions, potentially allowing attackers to manipulate values and bypass validation checks. By crafting input that leverages these conversions, attackers can inject malicious data, elevate privileges, or access unauthorized areas of the system.

View All Tags

HTB | Base | Write-Up

· 14 min read

Summary:

We test connectivity, scan, and enumerate the target website. We discover a PHP type juggling vulnerability and exploit it to gain access to the admin file uploads directory. Using this access, we upload a web shell via the upload functionality. Enumerating the system with our new tool, we find clear text credentials that grant us user-level SSH access. We then escalate to root by exploiting sudo using find. Finally, we grab the root flag.

Machine Name: Base | Difficulty: Easy | OS: Linux