A file upload vulnerability allows attackers to inject malicious content into the application server. Also known as an unrestricted file upload
.jpeg)
e.g. $XXX is taken as variable in bash, need to use $ to escape
upload file: curl -T '/path/to/local/file.txt' 'https://example.com/test/' curl --upload-file http:///test/
curl -X MOVE --header 'Destination:http://example.org/new.txt' 'https://example.com/old.txt' curl -X COPY --header 'Destination:http://example.org/new.txt' 'https://example.com/old.txt'
curl --user 'user:pass' 'https://example.com'
https://www.owasp.org/index.php/Unrestricted_File_Upload https://soroush.secproject.com/blog/tag/unrestricted-file-upload/
IIS 6.0 or below Asp > upload as test.txt, copy or move file as test.asp;.txt
Php > upload as pHp / phP / test.php.jpg /
php - phtml, .php, .php3, .php4, .php5, and .inc
asp - asp, .aspx
perl - .pl, .pm, .cgi, .lib
jsp - .jsp, .jspx, .jsw, .jsv, and .jspf
Coldfusion - .cfm, .cfml, .cfc, .dbm
Add:
GIF89a;
Options Use options to check for upload method.
upload function. Is put allowed?