The author shares their experience and process of discovering a file upload vulnerability on a hotel booking program that allowed users to upload pictures as part of a hotel review.
The program vets all uploaded files for 24 hours before they appear on the platform.
By intercepting the upload request and changing the file extension of the picture from .jpg to .php, the author was able to bypass the review process altogether, so the file appeared on the platform immediately.
This is because the system only looked at the file name and extension, rather than the actual file contents, when scanning for inappropriate content.
The author concludes by emphasising how simple this process was and encouraging users to adopt a proactive mindset when engaging with such platforms to explore avenues for such vulnerabilities.
They also mention that in a more realistic scenario, programs have mitigation efforts in place to prevent such antics.
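The root cause described above is that the vetting decision depended on the file name. As an added example (not code from the original write-up or from the affected platform), the following sketch shows an upload triage step that checks the extension against an allowlist, compares it with the type implied by the file's leading bytes, and never publishes anything without review. The function names, the allowlist and the sample byte strings are assumptions constructed for illustration.

```python
import os

# Allowlist (assumed): accepted extensions and the image type each implies.
ALLOWED_EXT = {".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png"}
# Leading file signatures ("magic bytes") for those image types.
MAGIC = {"jpeg": b"\xff\xd8\xff", "png": b"\x89PNG\r\n\x1a\n"}

# Constructed sample inputs, not real uploads.
SAMPLE_JPEG = b"\xff\xd8\xff\xe0" + b"\x00" * 16
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
SAMPLE_SCRIPT = b"<?php echo 'hi'; ?>"


def sniff_type(data: bytes):
    """Return the image type implied by the content, or None if unrecognised."""
    for kind, magic in MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def triage_upload(filename: str, data: bytes) -> dict:
    """Decide the fate of an upload. The only outcomes are 'reject' and
    'queue_for_review'; no branch publishes a file without vetting."""
    # basename() drops any client-supplied directory components.
    ext = os.path.splitext(os.path.basename(filename))[1].lower()
    if ext not in ALLOWED_EXT:
        return {"action": "reject", "reason": "extension not allowed"}
    detected = sniff_type(data)
    if detected is None:
        return {"action": "reject", "reason": "content is not a known image"}
    if detected != ALLOWED_EXT[ext]:
        return {"action": "reject", "reason": "extension does not match content"}
    # The caller should store the file under a server-chosen name using the
    # detected type, never the client-supplied name. A signature check is a
    # first filter only; decoding and re-encoding the image is stricter.
    return {"action": "queue_for_review", "stored_type": detected}


if __name__ == "__main__":
    for name, body in [("room.jpg", SAMPLE_JPEG), ("room.php", SAMPLE_JPEG),
                       ("view.jpg", SAMPLE_SCRIPT), ("pool.jpg", SAMPLE_PNG)]:
        print(name, triage_upload(name, body))
```

With this check, the renamed upload from the write-up (image content with a .php extension) is rejected instead of skipping the review queue.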