## Exploit

1. In the page to upload images there is no input validation of files uploaded by the user beyond checking for the `Content-Type` header.
1. Upload `yourMom.exe` with `upload.bash`. It will be accepted and the flag printed.

## Fix

- [https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/09-Test_Upload_of_Malicious_Files]()
- [https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/10-Business_Logic_Testing/08-Test_Upload_of_Unexpected_File_Types?utm_source=chatgpt.com]()

Input validation for file is very complicated but should go beyond only checking the `Content-Type` header, for example the file extension, or the file content (magic pattern, content pattern etc). Here is a more complete [cheatsheet for file upload from OWASP](https://cheatsheetseries.owasp.org/cheatsheets/File_Upload_Cheat_Sheet.html).

Even legitimate files might have malicious content!