File Upload Challenges

These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL)

Deploy to your own Heroku instance with this button below, then complete the challenges!

For each challenge, you have 'beat' it if you can successfully get php code you wrote to run on the server. A quick and easy test script would look like this:

Challenges:

Challenge 1: File extension validation

Challenge 2: Mime types client-side

Challenge 3: Mime types & image validation server-side

Challenge 4: More strict file extension validation

Challenge 5: Combo attack with local file inclusion

Challenge 6: Seeing what's possible with file upload (such as php web shells).

Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs.