Network Security: Detailed info on Re: Malicious file upload in .JPG or GIF format

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Pen-Test

[Top] [All Lists]

Re: Malicious file upload in .JPG or GIF format

from [Luca Carettoni] Network Security

[Permanent Link]

Subject:	Re: Malicious file upload in .JPG or GIF format
Date:	Wed, 20 Feb 2008 23:15:14 +0100

On Wednesday 20 February 2008, H D Moore wrote:

The usual trick is to upload an ASP, ASPX, PHP, JSP, or other dynamic web
page to the server. If the applications allows you to set the extension
and the upload directory supports that scripting language, your job is
done.


Sometimes it is also useful to provide a fake GIF image header in order to 
bypass the image content check and the file extension control (as already 
suggested).

In a PHP environment, creating a file with the extension ".php." and the 
following content:
-----
GIF89aD
<?php phpinfo(); ?>
-----
It was several times successful.

Bye, 
Luca

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Malicious file upload in .JPG or GIF format, whitehat Re: Malicious file upload in .JPG or GIF format, H D Moore RE: Malicious file upload in .JPG or GIF format, Erin Carroll RE: Malicious file upload in .JPG or GIF format, Brett Moore Re: Malicious file upload in .JPG or GIF format, Luca Carettoni <= Re: Malicious file upload in .JPG or GIF format, bugtraq RE: Malicious file upload in .JPG or GIF format, ADAMS, JEFF W, ATTSI Re: Malicious file upload in .JPG or GIF format, Jay

Previous by Date:	Re: Malicious file upload in .JPG or GIF format, Jay
Next by Date:	RE: Malicious file upload in .JPG or GIF format, Brett Moore
Previous by Thread:	RE: Malicious file upload in .JPG or GIF format, Brett Moore
Next by Thread:	Re: Malicious file upload in .JPG or GIF format, bugtraq
Indexes:	[Date] [Thread] [Top] [All Lists]