Penetration Testing mailing list archives
Re: Malicious file upload in .JPG or GIF format
From: Luca Carettoni <luca.carettoni () ikkisoft com>
Date: Wed, 20 Feb 2008 23:15:14 +0100
On Wednesday 20 February 2008, H D Moore wrote:
The usual trick is to upload an ASP, ASPX, PHP, JSP, or other dynamic web page to the server. If the applications allows you to set the extension and the upload directory supports that scripting language, your job is done.
Sometimes it is also useful to provide a fake GIF image header in order to bypass the image content check and the file extension control (as already suggested). In a PHP environment, creating a file with the extension ".php." and the following content: ----- GIF89aD <?php phpinfo(); ?> ----- It was several times successful. Bye, Luca ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- Malicious file upload in .JPG or GIF format whitehat (Feb 20)
- Re: Malicious file upload in .JPG or GIF format H D Moore (Feb 20)
- RE: Malicious file upload in .JPG or GIF format Erin Carroll (Feb 20)
- RE: Malicious file upload in .JPG or GIF format Brett Moore (Feb 20)
- Re: Malicious file upload in .JPG or GIF format Luca Carettoni (Feb 20)
- RE: Malicious file upload in .JPG or GIF format Erin Carroll (Feb 20)
- Re: Malicious file upload in .JPG or GIF format bugtraq (Feb 20)
- RE: Malicious file upload in .JPG or GIF format ADAMS, JEFF W, ATTSI (Feb 21)
- <Possible follow-ups>
- Re: Malicious file upload in .JPG or GIF format Jay (Feb 20)
- Re: Malicious file upload in .JPG or GIF format H D Moore (Feb 20)