internal override async Task runTest(UploadRequest.UploadRequest request) {
string data = "<script>alert(document.cookie)</script>";
request.setFileData(Encoding.ASCII.GetBytes(data));
request.setFileContentType("image/jpeg"); //Default all files to image/jpeg
//HTML case sensitivity test
request.setFileName("Test_4" + ".hTMl");
await request.send();
printResult(request, "Test 04 (.hTMl)");
//ASP case sensitivity test
request.setFileName("Test_4" + ".aSp");
await request.send();
printResult(request, "Test 04 (.aSp)");
//Change contents for php test
data = "<?php\n"
+ " echo phpinfo();\n"
+ "?>";
//PHP case sensitivity test
request.setFileName("Test_4" + ".pHp");
await request.send();
printResult(request, "Test 04 (.pHp)");
}
internal override async Task runTest(UploadRequest.UploadRequest request) {
//Upload a normal jpg
byte[] data = getFirstImage();
request.setFileContentType("image/jpeg");
request.setFileData(data);
request.setFileName("UniqueLongName.jpg");
await request.send();
printResult(request, "Test 12 (Short-name prep)");
//Upload a jpg with the shortname matching the shortname version of the previous file
data = getSecondImage();
request.setFileData(data);
request.setFileName("Unique~1.jpg");
await request.send();
printResult(request, "Test 12 (Short-name overwrite)");
}
internal override async Task runTest(UploadRequest.UploadRequest request){
byte[] data = getImage();
request.setFileData(data);
request.setFileContentType("image/jpeg");
request.setFileName("Test_7.jpg.php"); //Default extension that will work
await request.send();
printResult(request, "Test 07 (malicious image .jpg.php)");
request.setFileName("Test_7.php.abc1"); //Will only work in certain conditions
await request.send();
printResult(request, "Test 07 (malicious image .php.abc1)");
request.setFileName("Test_7.php.jpg"); //Will only work in certain conditions
await request.send();
printResult(request, "Test 07 (malicious image .php.jpg)");
}
internal override async Task runTest(UploadRequest.UploadRequest request){
//Send a new .htaccess file. If this is uploaded it will make the server execute jpgs as php files
string data = "AddType application/x-httpd-php .jpg";
request.setFileData(Encoding.ASCII.GetBytes(data));
request.setFileContentType("image/jpeg");
request.setFileName(".htaccess");
await request.send();
printResult(request, "Test 08 (.htaccess over/write)");
//Upload a valid jpg with php in it's comment section
request.setFileData(getImage());
request.setFileContentType("image/jpeg");
request.setFileName("Test_8.jpg");
await request.send();
printResult(request, "Test 08 (php w/ .jpg)");
}
internal override async Task runTest(UploadRequest.UploadRequest request) {
const string data = "<?php\n"
+ " echo phpinfo();\n"
+ "?>";
request.setFileData(Encoding.ASCII.GetBytes(data));
request.setFileContentType("image/jpeg");
request.setFileName("Test_2.php");
await request.send();
printResult(request, "Test 02");
}
internal override async Task runTest(UploadRequest.UploadRequest request) {
const string data = "<?php\n"
+ " echo phpinfo();\n"
+ "?>";
request.setFileData(Encoding.ASCII.GetBytes(data));
request.setFileContentType("image/jpeg");
//Dot test
request.setFileName("Test_5.php.");
await request.send();
printResult(request, "Test 05 (dot test)");
//Space test
request.setFileName("Test_5.php ");
await request.send();
printResult(request, "Test 05 (space test)");
//Mixed test
request.setFileName("Test_5.php… … . . .. .. ");
await request.send();
printResult(request, "Test 05 (mixed dot/space test)");
}
internal override async Task runTest(UploadRequest.UploadRequest request){
//Set the data to HTML (all formats support HTML)
const string data = "<script>alert(document.cookie)</script>";
string[] badExtensions = {".html", ".shtml", ".jsp", ".asp", ".phtml", ".php3", ".php4", ".php5" };
request.setFileContentType("image/jpeg"); //Default all files to image/jpeg
request.setFileData(Encoding.ASCII.GetBytes(data));
foreach (string t in badExtensions){
request.setFileName("Test_3" + t);
await request.send();
printResult(request, "Test 03 (" + t + ")");
}
}
internal override async Task runTest(UploadRequest.UploadRequest request) {
const string data = "<?php\n"
+ " echo phpinfo();\n"
+ "?>";
request.setFileData(Encoding.ASCII.GetBytes(data));
request.setFileContentType("image/jpeg");
//Test for validation of just the final extension (Apache will use the real extension for the MIME type)
request.setFileName("Test_6.php.123");
await request.send();
printResult(request, "Test 06 (first extension)");
//Test for validation of just the first extension (Apache will use the last extension for the MIME type if they're all real)
request.setFileName("Test_6.jpg.php");
await request.send();
printResult(request, "Test 06 (last extension)");
//Test for "AddHandler" directive for php files (This will make Apache recognize the file as PHP no matter where the extension is)
request.setFileName("Test_6.php.jpg");
await request.send();
printResult(request, "Test 06 (AddHandler test)");
}
