From 5686af951dc36b857533e7de7e109a19d05dba00 Mon Sep 17 00:00:00 2001 From: Cervoise Date: Mon, 8 Apr 2019 22:49:50 +0200 Subject: [PATCH] Update README.md According to https://gynvael.coldwind.pl/n/php_quirks .pthm seems to be use. --- Upload Insecure Files/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Upload Insecure Files/README.md b/Upload Insecure Files/README.md index 7ca53b1..a95dcbb 100644 --- a/Upload Insecure Files/README.md +++ b/Upload Insecure Files/README.md @@ -22,6 +22,7 @@ Less known extensions .phpt .pgif .phtml +.phtm Double extensions .jpeg.php @@ -62,4 +63,4 @@ Touch command * Bulletproof Jpegs Generator - Damien "virtualabs" Cauquil * [BookFresh Tricky File Upload Bypass to RCE, NOV 29, 2014 - AHMED ABOUL-ELA](https://secgeek.net/bookfresh-vulnerability/) * [Encoding Web Shells in PNG IDAT chunks, 04-06-2012, phil](https://www.idontplaydarts.com/2012/06/encoding-web-shells-in-png-idat-chunks/) -* [La PNG qui se prenait pour du PHP, 23 février 2014](https://phil242.wordpress.com/2014/02/23/la-png-qui-se-prenait-pour-du-php/) \ No newline at end of file +* [La PNG qui se prenait pour du PHP, 23 février 2014](https://phil242.wordpress.com/2014/02/23/la-png-qui-se-prenait-pour-du-php/)