Skip to content
/ exifphp Public

A vulnerable application to demonstrate smuggling PHP code through EXIF data

License

GPL-3.0 license
1 star 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

VerSprite/exifphp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
css
css
 
 
fonts
fonts
 
 
js
js
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
error.php
error.php
 
 
success.php
success.php
 
 
upload.php
upload.php
 
 

Repository files navigation

exifphp

A vulnerable application to demonstrate smuggling PHP code through EXIF data.

This application has three easily defeatable controls to prevent uploading files that aren't JPEGS. The first control is JavaScript which attempts to check the file extension before upload. The last two are implemented in PHP, and essentially just validate that the file is actually a JPEG.

There is zero controls around the actual file extension, which allows you to append ".php", ".php5", etc to the file in transit. This aids in the overall code execution of the PHP smuggled into JPEG's EXIF data.

Configuration

  • Create a uploads directory and make sure uploads.php points to it
  • Configure the Bootstrap directories as you see fit
  • This was built and deployed on Apache

About

A vulnerable application to demonstrate smuggling PHP code through EXIF data

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

1 star

Watchers

4 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published