Files, Folders & Fun (revisited)

Playing with folder resolution to build a better pretext

Visual learner? Skip to the bottom to find the YouTube video, then come back and skim (recommended).

What happens when you hit the root of a web server?

Well, you land on / (the root) and you get index.htm, index.html, index.php, index.aspx, etc. ... when actually / is a directory. So that's it: let's play with that folder-resolution principle.

The playground here is creating a folder name that looks like a file name, then creating a URL and QR code to support it.

catpictures.com/cutekitty.jpeg is actually catpictures.com/cutekitty.jpeg/index.html ... and that index.html is pushing a file onto your computer.
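From the defensive side, the same folder-resolution trick leaves tells in the HTTP exchange: a 301 that appends a slash to a "file", an image URL answered with text/html, or a forced download whose filename is not the one the URL promised. The check below is an added example, not code from the original post or its tool; the host names, headers and sample responses are constructed.

```python
from dataclasses import dataclass
from email.message import Message
from posixpath import splitext
from urllib.parse import urlsplit

# Extensions a user expects to render inline in the browser rather than download.
VIEWABLE = {".jpg", ".jpeg", ".png", ".gif", ".mp4", ".webm", ".pdf"}

@dataclass
class Response:
    """Minimal stand-in for a response seen by a proxy or URL scanner (headers lower-cased)."""
    url: str
    status: int
    headers: dict

def _disposition_filename(value):
    """Extract the filename parameter from a Content-Disposition header value."""
    msg = Message()
    msg["content-disposition"] = value
    return msg.get_filename()

def find_pseudo_folder(resp):
    """Return the reasons a URL that looks like a media file is really a directory serving something else."""
    path = urlsplit(resp.url).path
    promised = path.rstrip("/").rsplit("/", 1)[-1]      # what the user thinks they are opening
    if splitext(promised)[1].lower() not in VIEWABLE:
        return []
    reasons, h = [], resp.headers
    # Tell 1: classic directory-slash redirect, foo.jpeg -> foo.jpeg/
    loc_path = urlsplit(h.get("location", "")).path
    if resp.status in (301, 302, 307, 308) and loc_path == path + "/":
        reasons.append("directory redirect: %s -> %s" % (path, loc_path))
    # Tell 2: the "image" is answered with an HTML body (a directory index page)
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    if ctype == "text/html":
        reasons.append("extension %s served as text/html" % splitext(promised)[1].lower())
    # Tell 3: a forced download under a different name than the URL promised
    disp = h.get("content-disposition", "")
    if disp.lower().startswith("attachment"):
        name = _disposition_filename(disp)
        if name and name != promised:
            reasons.append("download pushed as %r, URL promised %r" % (name, promised))
    return reasons

# Constructed sample exchange (not real traffic) for the pretext described above.
SAMPLE = [
    Response("https://catpictures.example/cutekitty.jpeg", 301,
             {"location": "https://catpictures.example/cutekitty.jpeg/"}),
    Response("https://catpictures.example/cutekitty.jpeg/", 200,
             {"content-type": "text/html; charset=utf-8"}),
    Response("https://catpictures.example/cutekitty.jpeg/", 200,
             {"content-type": "application/octet-stream",
              "content-disposition": 'attachment; filename="CV.docx"'}),
    Response("https://catpictures.example/real.jpeg", 200, {"content-type": "image/jpeg"}),
]

if __name__ == "__main__":
    for r in SAMPLE:
        print(r.status, r.url, find_pseudo_folder(r) or "ok")
```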

From the top: the Filename in field one is the name your payload will have when the victim downloads it, so if you have your x64_payload.docx ready to upload, you might want to put CV.docx in this field.

The Pseudo-Folder Name is what the victim will interpret as a file name: coolcat.jpg, embarrassing_movie.mp4. What you put here should 'feel safe' to open, both in terms of viewing in a browser and the perception of no material impact on the device (as opposed to a config.mobileconfig).

Device Options are for what we're expecting. This is a little scruffy, but it's user-agent based; if you're targeting a specific device, select it.

Upload is upload.

[Video: janky PoC (0:55)]

That's it, have at it, enjoy, observe, dismiss :)