[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-8428":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":16,"stars7d":17,"stars30d":18,"stars90d":16,"forks30d":16,"starsTrendScore":19,"compositeScore":20,"rankGlobal":10,"rankLanguage":10,"license":10,"archived":21,"fork":21,"defaultBranch":22,"hasWiki":23,"hasPages":21,"topics":24,"createdAt":10,"pushedAt":10,"updatedAt":25,"readmeContent":26,"aiSummary":27,"trendingCount":16,"starSnapshotCount":16,"syncStatus":28,"lastSyncTime":29,"discoverSource":30},8428,"upload-labs","c0ny1\u002Fupload-labs","c0ny1","一个想帮你总结所有类型的上传漏洞的靶场","",null,"PHP",4152,823,63,23,0,5,11,1,61.35,false,"master",true,[],"2026-06-12 04:00:39","\u003Cp align=\"center\">\r\n  \u003Cimg title=\"portainer\" src='img\u002Flogo.png' \u002F>\r\n\u003C\u002Fp>\r\n\r\n\u003Cp align=\"center\">\r\n  \u003Cimg title=\"portainer\" src='https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fversion-0.1-brightgreen.svg' \u002F>\r\n  \u003Cimg title=\"portainer\" src='https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Fphp-5.*-yellow.svg' \u002F>\r\n  \u003Cimg title=\"portainer\" src='https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-MIT-red.svg' \u002F>\r\n\u003C\u002Fp>\r\n\r\n---\r\n\r\n**upload-labs是一个使用php语言编写的，专门收集渗透测试和CTF中遇到的各种上传漏洞的靶场。旨在帮助大家对上传漏洞有一个全面的了解。目前一共20关，每一关都包含着不同上传方式。**\r\n\r\n## 0x01 Screenshot\r\n\r\n#### 1.1 主界面\r\n\r\n![主界面](doc\u002Findex.jpg)\r\n\r\n#### 1.2 每一关\r\n\r\n![每一关](doc\u002Fpass.jpg)\r\n\r\n#### 1.3 查看代码\r\n\r\n![代码](doc\u002Fcode.jpg)\r\n\r\n## 0x02 Install\r\n\r\n#### 2.1 环境要求\r\n\r\n若要自己亲自搭建环境，请按照以下配置环境，方可正常运行每个Pass。\r\n\r\n|配置项|配置|描述|\r\n|:---|:---|:---|\r\n|操作系统|Window or Linux|推荐使用Windows，除了Pass-19必须在linux下，其余Pass都可以在Windows上运行|\r\n|PHP版本|推荐5.2.17|其他版本可能会导致部分Pass无法突破|\r\n|PHP组件|php_gd2,php_exif|部分Pass依赖这两个组件|\r\n|中间件|设置Apache以moudel方式连接||\r\n\r\n#### 2.2 Windows快速搭建\r\n\r\n项目提供了一个Windows下,按照以上配置要求配置好的集成环境\r\n\r\n下载地址：https:\u002F\u002Fgithub.com\u002Fc0ny1\u002Fupload-labs\u002Freleases\r\n\r\n集成环境绿色免安装，解压即可使用。\r\n\r\n#### 2.3 Linux快速搭建\r\n\r\n创建镜像\r\n\r\n```\r\n$ cd upload-labs\u002Fdocker\r\n$ docker build -t upload-labs .\r\n```\r\n\r\n或\r\n\r\n```\r\n$ docker pull c0ny1\u002Fupload-labs\r\n```\r\n\r\n创建容器\r\n\r\n```\r\n$  docker run -d -p 80:80 upload-labs:latest\r\n```\r\n\r\n## 0x03 Summary\r\n\r\n#### 3.1 靶机包含漏洞类型分类\r\n\r\n![上传漏洞分类](doc\u002Fmind-map.png)\r\n\r\n#### 3.2 如何判断上传漏洞类型?\r\n\r\n![判断上传漏洞类型](doc\u002Fsum_up.png)\r\n\r\n## 0x04 Thanks\r\n\r\n* 感谢[小小黄](https:\u002F\u002Fgithub.com\u002Fxiaoxiaoki)做的logo\r\n","upload-labs 是一个使用 PHP 语言编写的靶场，专门用于收集和展示渗透测试及 CTF 比赛中遇到的各种上传漏洞。项目包含20个不同难度的关卡，每个关卡都设计了不同的上传方式，旨在帮助用户全面理解和掌握各类上传漏洞及其利用方法。支持在 Windows 和 Linux 环境下运行，但推荐使用特定版本的 PHP（5.2.17）以确保所有功能正常运作。该项目非常适合网络安全研究人员、渗透测试人员以及对 Web 安全感兴趣的开发者用来学习和实践文件上传相关的安全知识。",2,"2026-06-11 03:17:54","top_language"]