
I'm really curious about security for the web. I have read a lot of articles about the issue with file uploads in PHP, and particularly the one about the double extension: `img.php.jpg` or `img.php.gif`.

I've tried to understand how this thing works. I have already understood what the security vulnerability is, and I have created my own image with some PHP code inside. For that, I used HxD to write in hex inside my image. But unfortunately, I cannot run the code in my image on my local server (I'm using WAMP). Something seems to be missing, but I don't know what. Do I have to configure something in particular in my WAMP?

Edit

I'm not trying to find a way to implement a script against this vulnerability. I want to reproduce this vulnerability on my computer to understand exactly how it works. But as I said before, the PHP interpreter doesn't read the PHP inside my image and I don't know why. I have tried for a long time and I don't understand why the PHP inside the image is not read. I have read a lot of articles about it and it seems to be automatic. If I understand correctly, when you try to show the image, the PHP inside is interpreted. But not in my case. Why?

halfer
Latsuj
  • You're going about it the wrong way. The way you mentioned above is simply trying to fool/spoof the extension, as most "PHP Uploads" simply check if it has a `.png/.jpg/.gif` extension, instead of checking to ensure the image is actually an image. – Darren Nov 01 '15 at 23:44
  • The wrong way? Sorry, I don't get it. Your answer is exactly what I'm trying to do. I want to fool the "PHP Upload" to understand the vulnerability. But right now, I don't understand how the PHP interpreter can be fooled by an image with some PHP code inside. I'm trying to reproduce this vulnerability on my local server but the image is still an image. The interpreter doesn't read the PHP code inside, can you tell me why? I think something is missing in my comprehension but I don't know what :x – Latsuj Nov 02 '15 at 17:25
  • Thank you Dragon for your answer too, however I'm trying to find a way to protect my website against this vulnerability. It's the opposite. But your link is still useful (I know how to implement a protection against that now :) ) – Latsuj Nov 02 '15 at 17:27
  • You aren't embedding or hexing the PHP code into the image, that isn't how it's done. All you'd be doing is "spoofing" the extension. So you'd take your normal PHP file (let's call that `latsuj.php`) and rename it to add the extension. So now it'd be called `latsuj.php.png`. – Darren Nov 02 '15 at 23:26
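
The difference the comments describe, between checking only the extension and checking that the upload is actually an image, shown as an added example that is not part of the original thread. The function names are hypothetical, the sample file is constructed, and the code assumes the `fileinfo` extension is enabled.

```php
<?php
// Added example: function names are hypothetical, sample input is constructed.

// The weak check from the comments: trusts the client-supplied file name.
// Only the last extension is looked at, so "latsuj.php.png" is accepted.
function extension_only_check(string $clientName): bool
{
    $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    return in_array($ext, ['png', 'jpg', 'gif'], true);
}

// Stricter handling: inspect the bytes, then pick the stored name server-side.
// Returns the name to store the file under, or null if it is rejected.
function validated_image_name(string $tmpPath): ?string
{
    $allowed = [
        'image/png'  => 'png',
        'image/jpeg' => 'jpg',
        'image/gif'  => 'gif',
    ];
    // Detect the type from the content, not from the client-supplied name.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime === false || !isset($allowed[$mime])) {
        return null;
    }
    // Second opinion: the image header must parse.
    if (@getimagesize($tmpPath) === false) {
        return null;
    }
    // A valid image can still carry extra bytes, so the content checks are
    // not the whole defence: the stored name is generated here and has
    // exactly one extension from the allow-list, so no ".php" part survives.
    return bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
}

// Constructed sample: a PHP source file renamed as in the last comment.
$tmp = tempnam(sys_get_temp_dir(), 'upl');
file_put_contents($tmp, "<?php echo 'hello'; ?>");

var_dump(extension_only_check('latsuj.php.png'));
var_dump(validated_image_name($tmp));

unlink($tmp);
```

The renamed PHP file passes the extension-only check and is rejected by the content check. Storing accepted files under the generated name, in a directory the web server is not configured to execute scripts from, keeps the original client file name out of the path entirely.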
