file-upload-methodology
Warn
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: MEDIUM
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill provides functional webshell payloads for PHP, JSP, and ASP (e.g., using system(), eval(), and Runtime.exec()) designed to allow arbitrary command execution on a target server.
- [COMMAND_EXECUTION]: Includes Python and Bash snippets used to generate malicious files, such as 'Zip Slip' archives containing path traversal sequences and images with embedded PHP code.
- [COMMAND_EXECUTION]: Gives detailed procedures for bypassing security controls, including extension blacklists/whitelists, MIME type validation, and magic byte checks, and for exploiting configuration overrides via .htaccess and .user.ini.
- [COMMAND_EXECUTION]: Describes how to perform path traversal by manipulating the filename parameter in multipart form-data to write files into sensitive or executable directories.
- [DATA_EXFILTRATION]: Provides instructions for reading sensitive system files like /etc/passwd by utilizing symbolic links within uploaded ZIP archives.
Audit Metadata