technique://PHP Type Juggling
- BaseLinux Tier 2 Apr 27, 2026
PHP strcmp() fed an array instead of a string returns 0 and bypasses login. A file manager upload gives shell. sudo find reads root.txt while find runs as root.
also uses: Sudo Abuse
PHP strcmp() fed an array instead of a string returns 0 and bypasses login. A file manager upload gives shell. sudo find reads root.txt while find runs as root.