For example, if someone uploads a malicious image on a website like Instagram or Facebook, and then hundreds of people view this image, wouldn’t that be an easy way to infect the devices of hundreds or thousands of people? If so, why do people view tens or hundreds of images without being afraid of getting their device infected?
I am currently doing a bug bounty program and was testing the company’s file upload functionality. After meddling with the functionality for a while, I was able to change the extension of the uploaded file to ‘.svg’ using Burp Suite. I have read tons of articles saying that .svg files are equal to XSS. In my case I was not able to fully upload an SVG file since the server is checking the content of the file. I have changed the ‘Content-Type’ to image/svg and the file is uploaded, but when I change the content of the file with XML tags, the server denied my upload. I found out that in order for the file to be uploaded successfully, the beginning of the content type should be ‘…JFIF’, which is metadata to describe that the content is JPEG/PNG and is interchangeable. I have tried appending the SVG XML tag after the metadata and have successfully uploaded it to the server, but when the image is opened, a square image appeared and my XML tags are not being executed.
Is there any way I could bypass this image content to be able to execute XML? Is there any metadata for SVG perhaps?
Author: Emanuel Beni
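A defender's view of the upload check described in the question above, as an added example that is not part of the original post or the tested site's code: the handler decides the file type from its leading bytes, refuses a filename extension or declared Content-Type that disagrees with it, and serves an accepted file under the detected type with content sniffing disabled. The function names, the accepted formats and the sample bytes are assumptions constructed for illustration.

```python
import os

# Leading-byte signatures for the raster formats this hypothetical handler accepts.
SIGNATURES = {
    "image/jpeg": b"\xff\xd8\xff",
    "image/png": b"\x89PNG\r\n\x1a\n",
}
EXTENSIONS = {
    "image/jpeg": {".jpg", ".jpeg"},
    "image/png": {".png"},
}

# Constructed sample: a JPEG/JFIF header followed by appended SVG markup.
JFIF_WITH_MARKUP = (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 9
                    + b"<svg xmlns='http://www.w3.org/2000/svg'></svg>")
# Constructed sample: a plain SVG document with no raster header.
PLAIN_SVG = b"<?xml version='1.0'?><svg xmlns='http://www.w3.org/2000/svg'></svg>"


def sniff_type(data):
    """Return the MIME type implied by the leading bytes, or None."""
    for mime, signature in SIGNATURES.items():
        if data.startswith(signature):
            return mime
    return None


def check_upload(filename, declared_type, data):
    """Return (accepted, reason, response_headers) for one upload."""
    detected = sniff_type(data)
    if detected is None:
        return False, "content is not an allowed raster image", {}
    ext = os.path.splitext(filename)[1].lower()
    if ext not in EXTENSIONS[detected]:
        return False, "extension %s does not match %s" % (ext, detected), {}
    if declared_type != detected:
        return False, "declared type %s does not match %s" % (declared_type, detected), {}
    # Serve under the detected type only, and forbid the browser from re-guessing it,
    # so bytes appended after the image header are never interpreted as markup.
    headers = {
        "Content-Type": detected,
        "X-Content-Type-Options": "nosniff",
    }
    return True, "ok", headers
```

With these checks the `.svg` name and the `image/svg` declaration are both refused for JFIF content, and the same bytes uploaded as a `.jpg` are only ever delivered as `image/jpeg`.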