File Upload Vulnerability!

File Upload Vulnerability!

What is File Upload Vulnerability?

Ans>  File Vulnerability is Various web applications allow users to upload files (such as pictures, images, sounds, …). Stored files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execute arbitrary code. I was able to a file containing executable code and get this code executed.

How to prevent it?

vulnerability Upload

Restrict file types accepted: check the file extension and only allow certain files to be Stored. Use a whitelist approach instead of a blacklist. Check for double extensions such as .php.png. Check for files without a filename like .htaccess (on ASP.NET, check for configuration files like the web. config). Change the permissions on the folder so the files within it are not executable. If possible, rename the files that are Stored.

 

Check the Youtube video!!!

In that video, I am telling you a full tutorial of the upper topic!

 

CHECK THE FULL VIDEO!!!

Youtube Video

 

Leave a Reply

Your email address will not be published.