I have a file uploader with filetype restrictions. The uploader checks the filetype by checking the file extension (like *.txt => allowed, *.exe => not allowed). I've now been told that it is a problem that you could simply edit the file extension and upload it even if it is a file that is not allowed.

So my question is: Is it even possible to detect a filetype without checking the file extension? Would it be a security risk in any way e.g. if it's possible to upload binaries with the extension edited?

I use Ajax/Javascript with MVC4 (so Windows Server). But I think it's a general question.

Sorry if that question might not be that challenging but I didn't know how I could find it out besides asking. (so no downvotes please ^^)

CodingYourLife

2 Answers

You can look for various 'magic numbers' in some file types if you can see the file contents. http://en.wikipedia.org/wiki/EXE gives some information about some of the markers in Windows executables that might be used to identify executables by looking at the file contents. There are, I am sure, more detailed technical resources on the file formats available on MSDN and elsewhere.
As to whether it is a security risk, that depends very much on what you are doing with the data once you retrieve it. A string of bytes can be executed even if it is not in an EXE package if it is mishandled, and conversely an EXE can be handled safely.

Brian O'Byrne

To detect a filetype you can either look at the extension or at the content.

1) As you already noticed, the extension is not reliable, because it is just a convention. Nobody can ensure that the extension is correct.

2) The other way would be to look into the file and try to guess the type. For this you would have to write a list of known headers or other kinds of signatures to look for. Depending on the type of file, this might be more reliable, but depending on the kind of files you expect, it might cause a big overhead.

Devolus
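Both answers describe the same check: keep the extension allowlist, but also read the leading bytes of the upload and compare what the "magic number" says against what the name claims. The sketch below is an added example, not code from either answer or from the asker's MVC4 project (it is Python rather than C# so it can be run as-is). The signatures are the public header bytes of the formats named; the allowlist, the function names and the sample uploads are constructed for the demonstration. It also covers the two cases the question worries about: an executable renamed to `.txt`, and a plain-text file, which has no magic number at all.

```python
import codecs
from typing import Dict, Optional, Tuple

# Well-known public header bytes ("magic numbers"): (type name, offset, signature).
# Windows PE/EXE files begin with the DOS header "MZ" (see the EXE article the first
# answer links); the other entries are common formats an uploader might allow.
MAGIC_SIGNATURES = [
    ("exe", 0, b"MZ"),
    ("elf", 0, b"\x7fELF"),
    ("png", 0, b"\x89PNG\r\n\x1a\n"),
    ("jpg", 0, b"\xff\xd8\xff"),
    ("gif", 0, b"GIF87a"),
    ("gif", 0, b"GIF89a"),
    ("pdf", 0, b"%PDF-"),
    ("zip", 0, b"PK\x03\x04"),
]

# Longest signature plus its offset: only this many bytes need inspecting, which keeps
# the overhead the second answer mentions to a small fixed read per upload.
HEADER_BYTES = max(off + len(sig) for _, off, sig in MAGIC_SIGNATURES)

# Hypothetical allowlist for this uploader (an assumption, not from the question).
ALLOWED_TYPES = {"txt", "png", "jpg", "gif", "pdf"}
EXTENSION_ALIASES = {"jpeg": "jpg"}


def sniff_type(data: bytes) -> Optional[str]:
    """Return the type implied by the file's leading bytes, or None if none match."""
    head = data[:HEADER_BYTES]
    for name, offset, sig in MAGIC_SIGNATURES:
        if head[offset:offset + len(sig)] == sig:
            return name
    return None


def looks_like_text(data: bytes, sample: int = 4096) -> bool:
    """Plain text has no magic number; accept only NUL-free, valid UTF-8 (prefix sample)."""
    chunk = data[:sample]
    if b"\x00" in chunk:
        return False
    # Incremental decoder so a multi-byte character cut at the sample boundary is not an error.
    decoder = codecs.getincrementaldecoder("utf-8")()
    try:
        decoder.decode(chunk, final=len(data) <= sample)
    except UnicodeDecodeError:
        return False
    return True


def extension_of(filename: str) -> str:
    """Lower-cased extension with aliases folded (e.g. .JPEG -> jpg); '' if there is none."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return EXTENSION_ALIASES.get(ext, ext)


def validate_upload(filename: str, data: bytes) -> Tuple[bool, str]:
    """Accept only if the extension is allowlisted AND the content agrees with it."""
    ext = extension_of(filename)
    if ext not in ALLOWED_TYPES:
        return False, f"extension '{ext}' is not allowed"
    detected = sniff_type(data)
    if detected is None:
        if not looks_like_text(data):
            return False, "content is neither a known format nor plain text"
        detected = "txt"
    if detected != ext:
        return False, f"content looks like '{detected}' but the name says '{ext}'"
    return True, detected


# Constructed sample uploads (not real files): header bytes plus padding.
SAMPLE_UPLOADS: Dict[str, bytes] = {
    "notes.txt":  b"meeting notes\nfollow up on Tuesday\n",
    "logo.png":   b"\x89PNG\r\n\x1a\n" + b"\x00" * 8,
    "photo.JPEG": b"\xff\xd8\xff\xe0" + b"\x00" * 12,
    "tool.exe":   b"MZ\x90\x00\x03\x00\x00\x00",
    "report.txt": b"MZ\x90\x00\x03\x00\x00\x00",      # executable renamed to .txt
    "scan.pdf":   b"GIF89a" + b"\x00" * 10,           # GIF renamed to .pdf
}


def check_samples() -> Dict[str, Tuple[bool, str]]:
    """Run every constructed sample through validate_upload."""
    return {name: validate_upload(name, data) for name, data in SAMPLE_UPLOADS.items()}


if __name__ == "__main__":
    for name, (ok, why) in check_samples().items():
        print(f"{'ACCEPT' if ok else 'REJECT'} {name}: {why}")
```

Two design points worth keeping in mind. The check fails closed: anything whose content is neither a known signature nor clean text is rejected, so an unknown binary cannot slip through as "txt". And it is still a heuristic, which is the first answer's second point: a file that passes this check is only as safe as whatever the server does with it afterwards (serving it back with the right Content-Type, never executing or including it), so the content check complements, rather than replaces, careful handling of the stored bytes.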