정보보안/WebHacking
2023. 7. 30.
[정보보안][웹해킹] Burp Suite를 이용한 File Upload 공격
1. Burp Suite란? Local Proxy도구 외부로 전송하기 전에 수정이 필요하다면 여기서 수정한 후 전송 가능 https://portswigger.net/burp Burp Suite - Application Security Testing Software Get Burp Suite. The class-leading vulnerability scanning, penetration testing, and web app security platform. Try for free today. portswigger.net Bufp Suite를 사용하기 전 구글링을 통해 자신의 운영체제에 맞는 Proxy 설정을 해야한다. 2. DVWA에 사진 및 웹 셸 업로드 웹 셸을 업로드하기에 앞서 간단한 사진업로드를 ..
![[정보보안][네트워크] Proxy의 정의와 여러가지 유형](http://i1.daumcdn.net/thumb/C450x300/?fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdna%2FcIbkit%2FbtspOyYZmkN%2FAAAAAAAAAAAAAAAAAAAAALGK70Xn75l35lsMOGFZa_E02D-lbyz1BOFJQWxQcrLu%2Fimg.png%3Fcredential%3DyqXZFxpELC7KVnFOS48ylbz2pIh7yKj8%26expires%3D1753973999%26allow_ip%3D%26allow_referer%3D%26signature%3DQGDkZPytBYT9MH6KU9G4vBJZIwE%253D)
![[정보보안][웹해킹] Burp Suite를 이용한 File Upload 공격](http://i1.daumcdn.net/thumb/C450x300/?fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdna%2FsH87O%2Fbtspok0Qi9L%2FAAAAAAAAAAAAAAAAAAAAAKKsV5BF2J0_1C_eE6akE4zUWy_FuCsq0NdKVz5aP6dN%2Fimg.png%3Fcredential%3DyqXZFxpELC7KVnFOS48ylbz2pIh7yKj8%26expires%3D1753973999%26allow_ip%3D%26allow_referer%3D%26signature%3DO8PTy7E0HzT9TOb4GvoRUef0dO4%253D)