cyberneticlibrary
← library

Test file upload security

offensive-file-uploadskillsetup L22,144
SnailSploit/Claude-Red
What it does

Bypass file upload validation controls

Best for

Finding RCE or XSS through file upload when MIME validation or extension checks are sole defense

Inputs
  • · Web app with file upload endpoint
  • · Test files (executables, polyglots, archives)
Outputs
  • · Successful RCE or stored XSS via uploaded file
  • · Detailed bypass technique
Requires
  • · Burp Suite or similar proxy
  • · Web shell payloads (PHP, ASP, JSP)
  • · Polyglot/archive tools
Preconditions
  • · Upload endpoint identified and accessible
  • · Upload directory is executable or XSS-capable
Failure modes
  • · Double extension (.php.jpg) only works on Apache mod_php
  • · Null byte (.php%00.jpg) only works on older PHP
  • · Case sensitivity (.PHP) varies by OS
Trust signals
  • · Covers 20+ extension bypass techniques with examples
  • · NTFS ADS (.php::$DATA) and CRLF injections included
  • · Magic byte manipulation and polyglot techniques