Tags: php-shell web rce php 

Rating: 5.0

Writeup for a web task OmegaSector in Russian

http://countersite.org/articles/web-vulnerability/177-omega-sector-web-writeup.html

jrozansk – July 16, 2018, 11:32 p.m.

I cannot reproduce behavior described in this writeup with "echo '' > drakylar.php;" payload.
I managed to see how alien_sector.php looks like and there is file_put_contents('alien_message/'.$unique.'.'.$_POST['type'], $check); function used to save file.

I don't get how this system call is saved to drakylar.php file in this example.
Could anyone clarify?