Unrestricted File-Upload

Unrestricted File-Upload – Medium

How does it work?

An attacker creates a malicious PHP file with msfvenom, uploads it to a vulnerable server and gains full access to it. Once the file is on the server, the attacker can:

  • Search for files
  • Upload files
  • Download files
  • Run post exploitation scripts
  • Execute commands
  • Enter a shell
  • Replace files
  • Upload backdoors

And lots more.

[Image: Unrestricted file upload, medium security]

How To Prevent Remote File Upload Vulnerabilities

  • Only allow specific file extensions.
  • Only allow authorized and authenticated users to use the feature.
  • Check any file fetched from the Web for content. Make sure it is actually an image or whatever file type you expect.
  • Serve fetched files from your application rather than directly via the web server.
  • Store files in a directory that is not publicly accessible if you can.
  • When you store the file, write it so that it carries a header that makes it non-executable.
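The checks from the list above, combined into one upload handler, as an added example in Python (not code from the original post or from DVWA). It assumes an image-only upload feature, a 2 MB size limit and a storage directory outside the web root; the sample uploads it runs through are constructed for the demo.

```python
import os
import secrets
import tempfile
from pathlib import Path

# Allow-list: extension -> magic bytes the content must begin with.
# Anything not listed (php, phtml, htaccess, ...) is rejected outright.
ALLOWED_TYPES = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}
MAX_BYTES = 2 * 1024 * 1024  # assumed size limit for this example


def validate_upload(filename: str, data: bytes) -> str:
    """Return the canonical extension if the upload passes every check, else raise.

    Only the last suffix counts, so 'shell.php.jpg' is judged by its content.
    A polyglot with genuine image magic bytes still passes this check, which is
    why the random name, non-public directory and file mode below also matter.
    """
    ext = Path(filename).suffix.lower().lstrip(".")
    ext = "jpg" if ext == "jpeg" else ext
    if ext not in ALLOWED_TYPES:
        raise ValueError(f"extension not allowed: {ext!r}")
    if len(data) > MAX_BYTES:
        raise ValueError("file too large")
    if not data.startswith(ALLOWED_TYPES[ext]):
        raise ValueError("content does not match declared image type")
    return ext


def store_upload(filename: str, data: bytes, upload_root: Path) -> Path:
    """Validate, then write under a random name so the client never picks the path."""
    ext = validate_upload(filename, data)
    dest = Path(upload_root) / f"{secrets.token_hex(16)}.{ext}"
    dest.write_bytes(data)
    os.chmod(dest, 0o640)  # readable by the app, never executable
    return dest


def demo() -> dict:
    """Run constructed sample uploads through the handler; returns one outcome per sample."""
    samples = {
        "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,           # real JPEG header
        "shell.php": b"<?php echo 'not an image'; ?>",              # disallowed extension
        "shell.php.jpg": b"<?php echo 'not an image'; ?>",          # renamed, wrong magic
        "../../evil.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,    # traversal in the name
    }
    results = {}
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            try:
                dest = store_upload(name, data, Path(root))
                results[name] = ("stored", dest.parent == Path(root))
            except ValueError as exc:
                results[name] = ("rejected", str(exc))
    return results
```

The traversal sample is stored safely because the client-supplied name is only used to read the suffix; the file lands under a random name in the configured directory.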


https://www.owasp.org/index.php/Unrestricted_File_Upload


Demonstration Of The Attack

If you have any questions please comment below.
