DEV Community

Golam_Mostafa

File Upload Vulnerabilities

What Are File Upload Vulnerabilities?

File upload vulnerabilities occur when a server lets users upload files without proper checks. Attackers can exploit this to upload harmful files, like scripts, instead of safe ones, like images. Sometimes, just uploading the file causes damage; other times, attackers trigger the file to execute with a request.


How Do These Vulnerabilities Happen?

Even when protections exist, flaws in implementation can still allow attacks. Common issues include:

  • Blocking some dangerous file types but missing others.
  • Relying on file properties that attackers can fake using tools.
  • Inconsistent validation across the website.

These small mistakes give attackers ways to bypass security measures.


Exploiting Flawed File Upload Validation

Attackers often exploit weak validation to upload harmful scripts, like web shells. For example, a PHP script like this reads secret files:

<?php echo file_get_contents('secret.txt'); ?>

Or, a script like this can run system commands:

<?php echo system($_GET['cmd']); ?>

Attackers can send:

GET /hack.php?cmd=whoami

This returns the name of the account the web server runs as, and shows that the attacker can run commands on the server.


Flawed File Type Validation

Some servers validate file uploads by checking the Content-Type header for expected MIME types like image/jpeg. However, if the server trusts this header without checking the file’s actual contents, attackers can easily bypass the validation.

For example, an image upload form may send this request:

POST /images HTTP/1.1
Host: example.com
Content-Type: multipart/form-data; boundary=boundary

--boundary
Content-Disposition: form-data; name="image"; filename="example.jpg"
Content-Type: image/jpeg

[binary data]
--boundary--

If the server only verifies the Content-Type value, attackers can fake this using tools like Burp Repeater and upload malicious files disguised as images.


Protecting Against File Upload Vulnerabilities

To prevent these attacks:

  1. Verify file content matches the declared type.
  2. Store uploaded files in non-executable directories.
  3. Use strict whitelists for allowed file types.
  4. Scan files for malicious content.
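
The first three checks could look like this on the server. This is an added example in Python, not code from the original post; the function names, the allowlist contents and the sample byte strings are assumptions made for illustration.

```python
import os
import secrets

# Strict allowlist: extension -> (expected MIME type, file signature).
ALLOWED = {
    ".jpg": ("image/jpeg", b"\xff\xd8\xff"),
    ".jpeg": ("image/jpeg", b"\xff\xd8\xff"),
    ".png": ("image/png", b"\x89PNG\r\n\x1a\n"),
}

class UploadRejected(ValueError):
    """Raised when an upload fails any validation step."""

def validate_upload(filename: str, declared_type: str, data: bytes) -> str:
    """Return a server-chosen file name, or raise UploadRejected."""
    ext = os.path.splitext(os.path.basename(filename))[1].lower()
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext!r} is not on the allowlist")
    mime, signature = ALLOWED[ext]
    # The part's Content-Type is sent by the client, so it is only
    # cross-checked against the extension, never trusted on its own.
    if declared_type != mime:
        raise UploadRejected("declared Content-Type does not match extension")
    # The bytes themselves must start with the format's signature.
    if not data.startswith(signature):
        raise UploadRejected("content does not match the declared type")
    # A signature check alone is not enough, so the client's name is discarded.
    return secrets.token_hex(16) + ext

def store_upload(upload_dir: str, filename: str, declared_type: str, data: bytes) -> str:
    """Validate, then write the file without execute permission."""
    path = os.path.join(upload_dir, validate_upload(filename, declared_type, data))
    # O_EXCL refuses to overwrite; mode 0o640 carries no execute bits.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o640)
    with os.fdopen(fd, "wb") as handle:
        handle.write(data)
    return path

def is_accepted(filename: str, declared_type: str, data: bytes) -> bool:
    """True if the upload passes validation, False if it is rejected."""
    try:
        validate_upload(filename, declared_type, data)
        return True
    except UploadRejected:
        return False

# Constructed sample inputs (not from the original post).
JPEG_SAMPLE = b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 16
SCRIPT_SAMPLE = b"<?php /* constructed placeholder, not an image */ ?>"
```

Point `upload_dir` at a directory outside the web root that the server is configured never to execute from. Scanning (step 4) is not shown here.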

Learn More: Watch the Tutorial

Acknowledgment: This post is inspired by insights from PortSwigger Web Security and ChatGPT.
