What is a polyglot?
Applications allow only certain file types on features like file upload and don’t allow other file types like .php or .js files as these can enable the attacker to upload malicious files on the application. Applications perform extension filtering checks like double extensions(.jpg.php) or use of null bytes in extension(.php%00.jpg), file names (.htaccess, .config, etc..), and if the uploaded file’s signature also matches its content type.
The different application uses different methods and polyglots can be used to bypass some of these validation checks.
This post was created with our nice and easy submission form. Create your post!