Bypassing upload protections
Most of the time, there will be some sort of protection mechanisms to prevent malicious file uploads.
For example, server-side script uploads, such as PHP or JSP, are often not allowed. We shall go through different protections that developers often use and can be bypassed.
Case-sensitive blacklist extension check bypass
Developers, sometimes, add a blacklist for certain file extensions, which is considered harmful. Sometimes, they forget whether their extension verification is case-insensitive, which means a blacklist for the PHP file extension .php should be denied, and so should .php, .PhP, .pHP, and other variants, developers often check for the lower cases of the extension and disregard the variants (case insensitive checks).
Consider the following PHP file upload code, which tries to deny different types of PHP file extensions (.php, .php3, and so on):
<?php if(isset($_FILES['image'])){ $filename = $_FILES['image']['name']; $tmp=$_FILES['image...
