Add malicious file upload solution

1 files changed, 13 insertions, 0 deletions

diff --git a/Upload malicious file/Resources/notes.md b/Upload malicious file/Resources/notes.md
new file mode 100644
index 0000000..98f0a85
--- /dev/null
+++ b/Upload malicious file/Resources/notes.md
@@ -0,0 +1,13 @@
+## Exploit
+
+1. In the page to upload images there is no input validation of files uploaded by the user beyond checking for the `Content-Type` header.
+1. Upload `yourMom.exe` with `upload.bash`. It will be accepted and the flag printed.
+
+## Fix
+
+- [https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/09-Test_Upload_of_Malicious_Files]()
+- [https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/08-Test_Upload_of_Unexpected_File_Types?utm_source=chatgpt.com]()
+
+Input validation for file is very complicated but should go beyond only checking the `Content-Type` header, for example the file extension, or the file content (magic pattern, content pattern etc). Here is a more complete [cheatsheet for file upload from OWASP](https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html).
+
+Even legitimate files might have malicious content!