Another fast solution for a Pentesterlab challenge
This also shows how quickly a webserver can be exploited..
The site has a simple File Upload control, but it has no validation which allows us to upload a php shell and get access to the whole system. Using this shell we can steal password hashes or upload files to the webserver.
@2codemonte 