Category

Checklists

Checklists, Resources

File Upload Restriction Bypass Checklist

Introduction

When enumerating web applications, we often find ourselves in front of a file upload file that allows us to potentially upload malicious files onto the application, such as a PHP or ASP shell, although these will often have certain restrictions that will only allow certain file types, extensions, file names or contents.

Through this checklist, I hope to cover most of the possible bypass methods that can be used to get past this restriction.

Read more