Upload vulnerability science[1]-The file upload form is Web Security the main threat-vulnerability warning-the black bar safety net

ID MYHACK58:62201442505
Type myhack58
Reporter 独自等待
Modified 2014-02-24T00:00:00


In order to allow the end user to upload files to your website, just like Is to compromise your server for a malicious user to open another door. Even so, in today's modern Internet Web applications, it is a common requirement, because it helps to improve your business efficiency. On Facebook and Twitter and other social network Web application that allows file upload. Also let them in blogs, forums, e-banking sites, YouTube and corporate support portals, to give the opportunity to the end user with the enterprise employees to efficiently share files. Allows users to upload images, videos, avatars and many other types of files.

To the end user functionality provided, the more Web application is subject to the risk of attack and the greater the chance that this function will be malicious users use to get to a specific site privileges, or compromise a server the possibility is very high.

When in testing several Web applications, we note that a considerable number of well-known Web applications, do not have secure file upload forms. These vulnerabilities are easy to exploit, we can access the Web application server hosting to the file system. In this article, we present you with 8 common ways we encountered of secure file upload form. At the same time, will also showcase a malicious user, can easily bypass these security measures.

Case 1: no authentication simple file upload form

A simple file upload form usually contains a HTML form and PHP script. The HTML form the form presented to the user, and need the file upload feature of the PHP script contains the code. This form and PHP script below is an example:

HTML Form:

| 1 | <form enctype="multipart/form-data" action="uploader.php" method="POST"> ---|---

2 | <input type="hidden" name="MAX_FILE_SIZE" value="1 0 0 0 0 0" /> ---|---

3 | Choose a file to upload: <input name="uploadedfile" type="file" /><br /> ---|---

4 | <input type="submit" value="Upload File" /> ---|---

5 | </form> ---|---

[1] [2] [3] [4] [5] [6] [7] next