Re: Malicious file upload in .JPG or GIF format
- From: Luca Carettoni <luca.carettoni@xxxxxxxxxxxx>
- Date: Wed, 20 Feb 2008 23:15:14 +0100
On Wednesday 20 February 2008, H D Moore wrote:
The usual trick is to upload an ASP, ASPX, PHP, JSP, or other dynamic web
page to the server. If the applications allows you to set the extension
and the upload directory supports that scripting language, your job is
done.
Sometimes it is also useful to provide a fake GIF image header in order to
bypass the image content check and the file extension control (as already
suggested).
In a PHP environment, creating a file with the extension ".php." and the
following content:
-----
GIF89aD
<?php phpinfo(); ?>
-----
It was several times successful.
Bye,
Luca
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- Malicious file upload in .JPG or GIF format
- From: whitehat
- Re: Malicious file upload in .JPG or GIF format
- From: H D Moore
- Malicious file upload in .JPG or GIF format
- Prev by Date: Re: Malicious file upload in .JPG or GIF format
- Next by Date: RE: Malicious file upload in .JPG or GIF format
- Previous by thread: RE: Malicious file upload in .JPG or GIF format
- Next by thread: Re: Malicious file upload in .JPG or GIF format
- Index(es):
