internal override async Task runTest(UploadRequest.UploadRequest request) { const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("image/jpeg"); //Dot test request.setFileName("Test_5.php."); await request.send(); printResult(request, "Test 05 (dot test)"); //Space test request.setFileName("Test_5.php "); await request.send(); printResult(request, "Test 05 (space test)"); //Mixed test request.setFileName("Test_5.php… … . . .. .. "); await request.send(); printResult(request, "Test 05 (mixed dot/space test)"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("image/jpeg"); //Test for validation of just the final extension (Apache will use the real extension for the MIME type) request.setFileName("Test_6.php.123"); await request.send(); printResult(request, "Test 06 (first extension)"); //Test for validation of just the first extension (Apache will use the last extension for the MIME type if they're all real) request.setFileName("Test_6.jpg.php"); await request.send(); printResult(request, "Test 06 (last extension)"); //Test for "AddHandler" directive for php files (This will make Apache recognize the file as PHP no matter where the extension is) request.setFileName("Test_6.php.jpg"); await request.send(); printResult(request, "Test 06 (AddHandler test)"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { string data = "<script>alert(document.cookie)</script>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("image/jpeg"); //Default all files to image/jpeg //HTML case sensitivity test request.setFileName("Test_4" + ".hTMl"); await request.send(); printResult(request, "Test 04 (.hTMl)"); //ASP case sensitivity test request.setFileName("Test_4" + ".aSp"); await request.send(); printResult(request, "Test 04 (.aSp)"); //Change contents for php test data = "<?php\n" + " echo phpinfo();\n" + "?>"; //PHP case sensitivity test request.setFileName("Test_4" + ".pHp"); await request.send(); printResult(request, "Test 04 (.pHp)"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("image/jpeg"); request.setFileName("Test_2.php"); await request.send(); printResult(request, "Test 02"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("application/x-httpd-php"); //Generally the default content-type used for php request.setFileName("Test_1.php"); await request.send(); //Send the request and halt the thread until it completes printResult(request, "Test 01"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { //A semi-colon is const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; request.setFileData(Encoding.ASCII.GetBytes(data)); request.setFileContentType("image/jpeg"); request.setFileName("Test_11.php;.jpg"); await request.send(); printResult(request, "Test 11 (IIS <= 6)"); }
internal override async Task runTest(UploadRequest.UploadRequest request) { //Set the data to HTML (all formats support HTML) const string data = "<script>alert(document.cookie)</script>"; string[] badExtensions = { ".html", ".shtml", ".jsp", ".asp", ".phtml", ".php3", ".php4", ".php5" }; request.setFileContentType("image/jpeg"); //Default all files to image/jpeg request.setFileData(Encoding.ASCII.GetBytes(data)); foreach (string t in badExtensions) { request.setFileName("Test_3" + t); await request.send(); printResult(request, "Test 03 (" + t + ")"); } }
internal override async Task runTest(UploadRequest.UploadRequest request) { //Insert a null byte between the two extensions const string data = "<?php\n" + " echo phpinfo();\n" + "?>"; IEnumerable <byte> rv = Encoding.ASCII.GetBytes("Test_9.php").Concat(new byte[] { 0x00 }).Concat(Encoding.ASCII.GetBytes(".jpg")); request.setFileData(data); request.setFileContentType("image/jpeg"); request.setFileName(rv.ToArray()); await request.send(); printResult(request, "Test 09 (Null byte)"); }