This is a writeup describing a file upload vulnerability in Battle Scrypt, allowing arbitrary shell uploads via /upload.php. The exploit involves uploading a shell disguised as an image file and accessing it via a predictable path.
Classification
Writeup 80%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Battle Scrypt (version unspecified)
No auth needed
Prerequisites:access to /upload.php · ability to upload files