Exploiting File Upload Functionality in Unique Way.

Careers page.

Additional Knowledge:

Game begins from here:

I downloaded a random picture from google and changed the name of that picture to “randomnumber_IMG_randomnumber.jpeg” (randomnumber_IMG_randomnumber.jpeg is the image name of profile picture of that random user mentioned above.) and simply uploaded randomnumber_IMG_randomnumber.jpeg using the upload functionality available at careers page.

Uploaded picture with the same name as profile picture name.
Profile of random user before uploading picture.
Profile picture of random user changed after uploading picture.😎

Wait…It’s not over yet.

The web application also has a functionality where users can shop.
Picture of all products were also stored in the root folder of same cloudfront and by repeating above steps I was also able to change the picture of any product available in shop.

Before.
Uploading a picture with same name as product image name.
After.

Revision Time:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rohit Soni

Rohit Soni

I am just a random bug bounty hunter who is Passionate about learning more and more….🔥