Unrestricted file upload is a common and serious risk for applications hosted on the internet. Most social networking sites, and applications that include user profile creation, allow end users to upload files of their choice, such as .img, .mp3, .mp4 and .gif, with limited restrictions. If these files are not validated properly, they can put the application or the underlying system in serious trouble.
Modern applications allow users to upload files of any extension and size as part of their advanced functionality. This upload feature creates an entry point for an attacker to perform malicious activity. In most cases, for an attack to take place, the attacker wants his code (a script or a malicious payload) to be executed on the target system. If an application is vulnerable to unrestricted file upload, the attacker can easily place his code on the server. Uploading the file completes the first step of the attack, and the attacker is left with the simple task of finding a way to execute his code.
If the uploaded code is unknowingly executed by a system administrator, the result could be website defacement, an overloaded server or database, or even compromise of the whole server. The exact outcome depends on the file that is uploaded and executed. Because the impact is high, this vulnerability must be treated with great caution.
Points to Consider:
1. Strong input validation is essential to restrict the file types an attacker can upload.
2. Blacklisting of file extensions is not advised, as an attacker can get past the developer's blacklist using various file tricks. Whitelisting of file types is therefore recommended.
3. Limit the file size.
4. Verify the file type and content.
5. Use content filtering techniques.
6. Web application firewalls can also be used to ensure the maximum level of protection.
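Points 2 to 4 combined in one server-side check, as an added example that is not part of the original article. The function name, the 2 MiB limit and the three allowed types (taken from the extensions mentioned above) are assumptions, and the sample uploads are constructed.

```python
import os

MAX_BYTES = 2 * 1024 * 1024  # assumed size limit (2 MiB); tune per application

def _is_gif(d: bytes) -> bool:
    return d[:6] in (b"GIF87a", b"GIF89a")

def _is_mp3(d: bytes) -> bool:
    # ID3v2 tag header, or a bare MPEG audio frame sync (11 set bits)
    return d[:3] == b"ID3" or (len(d) > 1 and d[0] == 0xFF and d[1] & 0xE0 == 0xE0)

def _is_mp4(d: bytes) -> bool:
    # ISO base media files carry the box type 'ftyp' at offset 4
    return d[4:8] == b"ftyp"

# Whitelist: extension -> content check. Anything not listed is rejected.
ALLOWED = {".gif": _is_gif, ".mp3": _is_mp3, ".mp4": _is_mp4}

def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Return (accepted, reason) for one uploaded file."""
    if "\x00" in filename or "/" in filename or "\\" in filename:
        return False, "illegal character in file name"
    # Only the final extension counts, so "a.gif.php" is treated as .php
    ext = os.path.splitext(filename)[1].lower()
    check = ALLOWED.get(ext)
    if check is None:
        return False, f"extension {ext or '(none)'} not on whitelist"
    if not data or len(data) > MAX_BYTES:
        return False, "empty file or size limit exceeded"
    if not check(data):
        return False, "content does not match declared type"
    return True, "ok"

# Constructed sample uploads (not real files)
SAMPLES = [
    ("avatar.gif", b"GIF89a" + b"\x00" * 32),
    ("avatar.GIF.php", b"GIF89a<?php echo 1; ?>"),
    ("song.mp3", b"<?php echo 1; ?>"),
    ("clip.mp4", b"\x00\x00\x00\x18ftypmp42" + b"\x00" * 16),
    ("big.gif", b"GIF89a" + b"\x00" * MAX_BYTES),
]

if __name__ == "__main__":
    for name, blob in SAMPLES:
        print(name, validate_upload(name, blob))
```

A signature check only confirms how the file begins; a file with a valid header can still carry script content further in, which is why content filtering and a web application firewall (points 5 and 6) remain useful as additional layers.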
Authored by Saravanan M