بنقرة واحدة
sc-file-upload
Insecure file upload detection — unrestricted types, MIME mismatch, polyglot files, and webshell upload
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
القائمة
Insecure file upload detection — unrestricted types, MIME mismatch, polyglot files, and webshell upload
التثبيت باستخدام Codex أو Claude انسخ هذا Prompt والصقه في Codex أو Claude أو مساعد آخر ليراجع صفحة Skill ويثبّتها لك.
استنادا إلى تصنيف SOC المهني
Comprehensive AI-powered security scanning suite with 48 skills covering OWASP Top 10, 7 language-specific deep scanners (Go, TypeScript, Python, PHP, Rust, Java, C#), supply chain analysis, infrastructure-as-code scanning, and 3000+ checklist items. Use when you need to run a security audit, find vulnerabilities, scan a PR for security issues, or perform a penetration test on a codebase.
C#/.NET-specific security deep scan
Go-specific security deep scan
Java/Kotlin-specific security deep scan
PHP-specific security deep scan
Python-specific security deep scan
| name | sc-file-upload |
| description | Insecure file upload detection — unrestricted types, MIME mismatch, polyglot files, and webshell upload |
| license | MIT |
| metadata | {"author":"ersinkoc","category":"security","version":"1.0.0"} |
Detects insecure file upload vulnerabilities including unrestricted file type uploads, MIME type vs extension mismatches, double extension bypasses, executable uploads to web-accessible directories, missing file size limits, and archive extraction attacks. Focuses on upload endpoints that could lead to remote code execution or stored XSS.
Called by sc-orchestrator during Phase 2 when file upload functionality is detected.
"multer", "upload", "multipart", "formidable", "busboy",
"FileUpload", "IFormFile", "MultipartFile", "@RequestPart",
"$_FILES", "move_uploaded_file", "UploadedFile",
"file.save(", "storage.upload(", "putObject("
1. No File Type Validation:
// VULNERABLE: Accept any file
const upload = multer({ dest: 'public/uploads/' });
app.post('/upload', upload.single('file'), (req, res) => {
res.json({ path: `/uploads/${req.file.filename}` });
});
// SAFE: Validate file type
const upload = multer({
dest: 'uploads/', // NOT in public directory
fileFilter: (req, file, cb) => {
const allowed = ['image/jpeg', 'image/png', 'image/gif'];
if (allowed.includes(file.mimetype)) {
cb(null, true);
} else {
cb(new Error('Invalid file type'), false);
}
},
limits: { fileSize: 5 * 1024 * 1024 } // 5MB limit
});
2. Upload to Webroot:
// VULNERABLE: Upload directly to web-accessible directory
move_uploaded_file($_FILES['file']['tmp_name'], 'public/uploads/' . $_FILES['file']['name']);
// If user uploads evil.php → accessible at /uploads/evil.php → RCE!
// SAFE: Upload outside webroot + rename
$ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION);
$allowed = ['jpg', 'png', 'gif'];
if (!in_array(strtolower($ext), $allowed)) { die('Invalid type'); }
$newName = bin2hex(random_bytes(16)) . '.' . $ext;
move_uploaded_file($_FILES['file']['tmp_name'], '/var/data/uploads/' . $newName);