File Upload

Extensions

PHP	ASP	Jsp	Perl	ColdFusion	NodeJS
.php	.asp	.jsp	.pl	.cfm	.js
.php2	.config	.jspx	.pm	.cfml	.json
.php3	.ashx	.jsw	.cgi	.cfc	.node
.php4	.asmx	.jsv	.lib	.dbm
.php5	.aspq	.jspf
.php7	.axd	.wss
.pht	.cshtm	.do
.phpt	.cshtml	.action
.phtm	.rem
.phtml	.soap
.phps	.vbhtm
.phar	.vbhtm
.hphp	.asa
.module	.cer .shtml
.inc	.shtml
.ctp

PHP

ASP

Jsp

Perl

ColdFusion

NodeJS

.php

.asp

.jsp

.pl

.cfm

.js

.php2

.config

.jspx

.pm

.cfml

.json

.php3

.ashx

.jsw

.cgi

.cfc

.node

.php4

.asmx

.jsv

.lib

.dbm

.php5

.aspq

.jspf

.php7

.axd

.wss

.pht

.cshtm

.do

.phpt

.cshtml

.action

.phtm

.rem

.phtml

.soap

.phps

.vbhtm

.phar

.vbhtm

.hphp

.asa

.module

.cer .shtml

.inc

.shtml

.ctp

Filter Bypass

Uppercase letters: .pHp, .pHP5, .PhAr
Double extension:
- .png.php
- .gif.php
Null byte:
- .php%00.gif
- .php\x00.gif
Special chars:
- file.php%20
- file.php%0a
- file.php%0d%0a
- file.php/
- file.php.\
- file.php....
Content-Type:
- Content-Type : image/gif
- Content-Type : image/png
- Content-Type : image/jpeg
Magic numbers:
- GIF: GIF8;
- PNG: \x89PNG\r\n\x1a\n\0\0\0\rIHDR\0\0\x03H\0\xs0\x03[
- JPG: \xff\xd8\xff

References

https://book.hacktricks.xyz/pentesting-web/file-upload

https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files

Last updated 9 days ago