We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2023 - Jeff Doty - File Upload Attacks Methodology
Explore file upload attack methodology, including identifying vulnerabilities, file name and content type manipulation, and defense evasion techniques, to uncover how hackers can achieve remote code execution.
Key Takeaways
- File uploads are a common vulnerability in web applications, and can be used to achieve remote code execution.
- Understanding what types of files a web app accepts, and how it handles file uploads, is crucial in identifying potential vulnerabilities.
- File name manipulation can be used to bypass certain defenses, such as checking file extensions.
- Content type manipulation can also be used to bypass defenses, and can be used to upload files with unexpected types, such as executable files.
- LFI (Local File Inclusion) vulnerabilities can be used to read the contents of files on the web server, and can be used to execute OS commands.
- PHP files can be used to execute code on the web server, and can be used to achieve remote code execution.
- PDF and SVG files can also be used to execute code on the web server, and can be used to achieve remote code execution.
- Fuzzing can be used to identify vulnerabilities in file upload functionality.
- Using tools like Burp Upload Scanner can help identify potential vulnerabilities in file upload functionality.
- Defense evasion techniques, such as using double extensions and path traversal, can be used to bypass certain defenses.
- Server-side request forgery can be used to execute requests on the web server, and can be used to achieve remote code execution.
- Understanding how the web app processes file uploads, and what types of files it accepts, is crucial in identifying potential vulnerabilities.