Sometimes, we may also come across a file upload that is initially meant to upload files such as Excel, photos, and so on, but there are a few ways through which we can bypass it. In this recipe, you will see how to do that.
The following steps demonstrate the use of meterpreters:
- Here, we have a web application that uploads a photo:
- When we upload a photo, this is what we see in the application:
- Let's see what happens if we upload a
.txt
. We create one with test as the data:
- Let's try uploading it:
- Our image has been deleted! This might mean our application is doing either a client-side or a server-side check for file extension:
- Let's try to bypass the client-side check. We intercept the request in Burp and try to alter the extension in the data submitted:
- Now we change the extension from
.txt
to.txt;.png
and click on forward:
This is still being deleted, which tells us that the application might be having a server-side check.
One of the way to bypass...