File Upload Restrictions Bypass

Return Home

File Upload Restrictions

During penetration testing engagements, You may have seen unrestricted File Upload which can grants you an access to the server to execute malicious codes, however, it’s not that easy to do so in some cases where you have to bypass file upload restrictions and filtrations which can make it a bit challenging to finally get the job done. This paper will discuss the methods of how the web application handles this process and how it validates the files that are being sent to the server and how to bypass these validations.

Null byte attacks are alive and well

Null byte attacks against web and other applications are nothing new. Later in this post, I will describe two cases that may nonetheless be unfamiliar to some readers.