Burp Suite User Forum

Create new post

Validating File uploads

Karthik | Last updated: May 25, 2015 07:19AM UTC

Hi all, This may not be related to Burp Suite tool as such, but wanted to check if someone from this community could help Situation: As a part of file upload checks, only certain file extensions are allowed. But we can easily change the extension (to one of the allowed extensions) and upload the files for example, only doc,xls,pdf,txt files are allowed. But a .exe extension can be renamed to one of those extensions and uploaded and the upload succeeds. we want to validate the uploaded file to see if this really matches the extension. Is there any way to do that ?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.