Merge pull request #616 from fssecur3/patch-1

Add special character to bypass file upload restrictions
This commit is contained in:
Carlos Polop 2023-04-26 15:52:36 +02:00 committed by GitHub
commit e36ebc6dee
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -50,6 +50,7 @@ Other useful extensions:
4. Try to bypass the protections **tricking the extension parser** of the server-side with techniques like **doubling** the **extension** or **adding junk** data (**null** bytes) between extensions. _You can also use the **previous extensions** to prepare a better payload._
* _file.png.php_
* _file.png.pHp5_
* _file.php#.png_
* _file.php%00.png_
* _file.php\x00.png_
* _file.php%0a.png_