Xproterg
04-23-2006, 03:46 PM
Aloha;
I have a couple of scripts that need a hacker-proof image filter. This means that the script cannot verify if the end of the input is an image extension because a hacker can use the %00/null-byte to confuse the script. And example of this is as follows: myscript.php?filename=serverkill.php%00.jpg The browser ignores the nullbyte and everything after it. I am aware of the idea of verifying the file's header, but I think that anyone could upload a script file with a faked image header.
How would you guys filter images? Also, png files are a no-go because they need to be filtered as well (on their own).
I have a couple of scripts that need a hacker-proof image filter. This means that the script cannot verify if the end of the input is an image extension because a hacker can use the %00/null-byte to confuse the script. And example of this is as follows: myscript.php?filename=serverkill.php%00.jpg The browser ignores the nullbyte and everything after it. I am aware of the idea of verifying the file's header, but I think that anyone could upload a script file with a faked image header.
How would you guys filter images? Also, png files are a no-go because they need to be filtered as well (on their own).