Solving Portswigger Academy: Exploiting XXE via image file upload

Vishal
Sep 25, 2024


This lab lets users attach avatars to comments and uses the Apache Batik library to process avatar image files.

To solve the lab, upload an image that displays the contents of the /etc/hostname file after processing. Then use the "Submit solution" button to submit the value of the server hostname.

When you access the lab, there are various blog posts. Visit any post and in the comment section you will see an upload function for an avatar.

Upload function in comment section

I first created an SVG image file with the contents shown below.

SVG image file

Now go to the comments section and select the Choose file button to upload the image above. Also fill in the comment and the other details.

Now visit the comments section: the server has processed the image, and the rendered avatar shows the hostname.

hostname
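The lab works because the image processor parses the uploaded SVG as XML and honours the entity declarations it carries. As an added, defensive example (not part of the original post or of the lab), here is a pre-screen that an upload handler could run before handing an SVG to an image library: it uses only the standard-library expat parser, records any DOCTYPE or entity declaration, never fetches external references, and rejects anything that is not a plain <svg> document. The function and class names are my own.

```python
import xml.parsers.expat


class SvgScreen:
    """Collects DOCTYPE/entity declarations and the root element name."""

    def __init__(self):
        self.findings = []
        self.root = None

    def on_doctype(self, name, system_id, public_id, has_internal_subset):
        self.findings.append(f"DOCTYPE declared for <{name}>")

    def on_entity_decl(self, name, is_param, value, base, system_id, public_id, notation):
        kind = "external" if system_id is not None else "internal"
        self.findings.append(f"{kind} entity '{name}' declared")

    def on_start(self, name, attrs):
        if self.root is None:
            self.root = name


def screen_svg_upload(data: bytes) -> dict:
    """Return {'accepted': bool, 'reasons': [...]} for an uploaded SVG.

    Accepts only well-formed XML whose root element is <svg> and which
    declares no DOCTYPE and no entities (internal or external).
    """
    screen = SvgScreen()
    parser = xml.parsers.expat.ParserCreate()
    parser.StartDoctypeDeclHandler = screen.on_doctype
    parser.EntityDeclHandler = screen.on_entity_decl
    parser.StartElementHandler = screen.on_start
    # Report external references as handled without ever retrieving them.
    parser.ExternalEntityRefHandler = lambda *args: 1
    # Do not expand parameter entities from external DTDs either.
    parser.SetParamEntityParsing(xml.parsers.expat.XML_PARAM_ENTITY_PARSING_NEVER)
    try:
        parser.Parse(data, True)
    except xml.parsers.expat.ExpatError as err:
        return {"accepted": False, "reasons": [f"malformed XML: {err}"]}
    reasons = list(screen.findings)
    # Strip any namespace prefix (e.g. "svg:svg") before comparing.
    if screen.root is None or screen.root.split(":")[-1] != "svg":
        reasons.append("root element is not <svg>")
    return {"accepted": not reasons, "reasons": reasons}
```

A rejected upload should be logged with its reasons; an avatar that legitimately needs a DOCTYPE is rare enough that refusing it outright is the safer default.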
