Changenamesh

  • Published on
    Apache misconfiguration that allowed me to gain foothold by bypassing a MIME upload, then I executed RCE to shell. For root, there was a changename.sh file which cleaned up the uploads directory, but I changed it to give root.