Chapter 6. File Upload Vulnerabilities
This chapter will deal with security issues related to file upload. I bet the readers must have encountered web applications in which there is a functionality to upload files, commonly in the form of an image, video, documents, and so on. However, if a web application has poor (or no) security mechanisms to prevent certain kinds of files, such as server-side scripting, then that can result in arbitrary code execution on the server. Even with limited file upload capability, we can execute arbitrary JS (XSS), CSRF, and run client-side exploits.
Let's go straight to our first demonstration of a file upload vulnerability through Damn Vulnerable Web Application (DVWA)—an open source PHP web application developed for the purpose of demonstrating different types of web vulnerabilities. We've already used DVWA in Chapter 3, Cross-Site Scripting (XSS) to demonstrate XSS. DVWA can be downloaded from http://www.dvwa.co.uk/.
