
Upload vulnerabilities are one of the most important things to check on your website.

Having this kind of flaw is dangerous because attackers will use your own upload scripts to plant backdoors on your server.

Say you have a contact-us page, or a site with members where any registered user can upload an avatar or photo.

Uploading a backdoor script through your upload form is one of the first things an attacker will try.

You may think your script only allows image file formats, but there are several ways to bypass that.

For example, an attacker can give a PHP backdoor an image-looking name such as backdoor.php.jpg and, while the file is being uploaded, intercept the request and edit the HTTP headers (the filename and the Content-Type of the file part) with a proxy tool.

The tool then forwards the edited request to your server and fools your script into accepting the file.

One such tool is Burp Suite.

In PortSwigger's own words: "Burp Suite is a leading range of cybersecurity tools, brought to you by PortSwigger. We believe in giving our users a competitive advantage through superior research."


We will cover upload vulnerabilities in more depth, including how to find and fix them using Burp Suite.

Another route: some servers will execute several file extensions as PHP.

For example, the site only allows .gif uploads. The attacker uploads a file named backdoor.php.gif5, and some servers run that file as a PHP script. On Apache this happens when PHP is wired up with AddHandler and the server does not recognise the final extension (.gif5): Apache's multiple-extension handling then looks at the other extensions in the name, finds .php, and hands the file to the PHP handler.

The underlying problem is that the upload script is not fully secure: it looks at the file name, sees .gif in it, and considers the file okay.

An example of an upload exploit that uses these techniques is linked here.

There are professional ways to test your site for upload vulnerabilities.

I RECOMMEND that you talk to a web-security professional, but you can try a few things on your own.

Say your site has members, and on the member profile page any member can upload a photo as a profile picture.

Go there and try to upload a plain text file. If the upload succeeds, you have a dangerous upload vulnerability: the script is not checking file types at all, and a PHP backdoor would be accepted just as easily.

If you are on an Apache server, there is a small step you can take to contain the problem while you call in a security professional to fix it properly.

Go to your cPanel file manager and place a .htaccess file in your upload directory.

.htaccess (hypertext access) is a hidden file used to configure additional features for websites hosted on the Apache web server. With it you can rewrite URLs, password-protect directories, enable hotlink protection, block specific IP addresses, change your website's time zone or default index page, and much more.

.htaccess is a hidden file, so in the cPanel file manager enable "Show Hidden Files" to see whether one already exists there.


Go to the upload directory: the directory where your script stores your members' photos and avatars.

How do you find it?

Open any member's page, right-click the avatar image, choose "Copy image address" (or open the image in a new tab), and look at the URL.

It will look something like www.yourwebsite.com/uploads/members/ followed by the file name; the directory part is what you want.

Go to that directory and create a .htaccess file with the lines below. The idea is to deny browser access to everything in the directory and then re-allow only image files, so a backdoor that slipped past the upload script cannot be reached by URL. (Note the top-level "Deny from all": without it the block only allows images and never denies anything, which protects nothing.) This is the Apache 2.2 access-control syntax; it still works on Apache 2.4 when mod_access_compat is loaded, which most shared hosts do, and it needs AllowOverride Limit to be permitted for the directory.

Order deny,allow
Deny from all

<Files ~ "\.(jpg|jpeg|png|gif)$">
    Allow from all
</Files>
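To go with the allow-list above, here is a .htaccess fragment (an added example, not from the original post) that also stops Apache from executing anything in the uploads directory. That is the real goal: a backdoor that is stored but served as a static file cannot run, whatever its name. It assumes Apache with AllowOverride permitting FileInfo and AuthConfig/Limit for the directory; the php_flag line only takes effect when PHP runs as an Apache module (under PHP-FPM it is skipped, and the RemoveHandler/SetHandler lines do the work). The module names in the IfModule blocks cover the common mod_php builds.

```apache
# Never hand a file in this directory to a script handler, whatever its extension.
# SetHandler default-handler forces Apache to serve everything here as static content.
RemoveHandler .php .phtml .php3 .php4 .php5 .php7 .phps .pl .py .cgi
SetHandler default-handler
Options -ExecCGI

# If PHP runs as an Apache module, turn the engine off for this directory as well.
<IfModule mod_php5.c>
    php_flag engine off
</IfModule>
<IfModule mod_php7.c>
    php_flag engine off
</IfModule>
<IfModule mod_php.c>
    php_flag engine off
</IfModule>

# Access control: only image extensions are reachable by URL.
# Apache 2.4 spelling of the same allow-list:
<IfModule mod_authz_core.c>
    Require all denied
    <FilesMatch "\.(jpg|jpeg|png|gif)$">
        Require all granted
    </FilesMatch>
</IfModule>
# Apache 2.2 spelling, used when mod_authz_core is absent:
<IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
    <FilesMatch "\.(jpg|jpeg|png|gif)$">
        Allow from all
    </FilesMatch>
</IfModule>
```

After saving it, request an uploaded test file such as a .txt or .php by URL: you should get a 403, and a .php file that you do re-allow for the test should come back as plain source text rather than run. If the host returns a 500 error instead, AllowOverride is too restrictive for one of the directives and your host needs to enable it.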

Remember that this is only a temporary fix: it blocks direct requests to non-image files in that directory, but it does not stop the vulnerable script from accepting them. Do it, then call a web-security professional to fix the upload script itself.

Read more about web security here.
