Merge pull request #207 from victoni/master

Adding the solution of Magic Bytes in the Unrestricted File Upload section
Swissky 2020-05-14 12:13:52 +02:00 committed by GitHub
commit 81655945f9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -65,6 +65,9 @@ Coldfusion: .cfm, .cfml, .cfc, .dbm
* `Content-Type : image/gif` * `Content-Type : image/gif`
* `Content-Type : image/png` * `Content-Type : image/png`
* `Content-Type : image/jpeg` * `Content-Type : image/jpeg`
- [Magic Bytes](https://en.wikipedia.org/wiki/List_of_file_signatures)
Sometimes applications identify file types based on their first signature bytes. Adding/replacing them in a file might trick the application.
### Picture upload with LFI ### Picture upload with LFI
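Review bot: The added `- [Magic Bytes](https://en.wikipedia.org/wiki/List_of_file_signatures)` entry uses a `-` marker while the neighbouring `Content-Type` entries use `*`, and the sentence that follows it is not visibly attached to the bullet. Use the same marker and nesting as the surrounding list so the entry and its explanation render as one item. The phrase "first signature bytes" would read more clearly as "the leading signature (magic) bytes of the file". Since the entry describes a type check that looks only at those bytes, one more sentence saying that a signature match alone does not establish what a file contains would make it useful to readers who are hardening an upload handler, not only to those testing one.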