The term is new, but concept is not. Throughout the history of
computing, IT organizations have been using their own infrastructure to
host applications, data, servers etc. Now most of them are renting the
infrastructure, with remote servers to host their application or data.
Organizations called service providers exist especially to provide,
manage and maintain the infrastructure on which their client
organization’s application or data are hosted. The client organization
gets access controls to manage their applications and data hosted on the
remote server. This is the main idea behind cloud computing. More here....
Sometimes, during file upload we come across situation wherein there would be check on the file extension at the client side as well as server side too. If the application does allow only .jpeg extension to be uploaded, the client side java script checks for the extension of the file before passing the request. We all know that how easily this can be defeated. Some applications, checks for the extension at the server side also. That's not easy to bypass. However there are some ways with which it still can be bypassed. Most of server side scripts are written in high level languages such as Php, Java etc who still use some C/C++ libraries to read the file name and contents. That leads to the problem. In C/C++ a line ends with /00 or which is called Null Byte. So whenever the interpreter sees a null byte at the end of the a string, it stops reading thinking it has reached at the end of the string. This can be used for the bypass. It works for many servers, specially php servers. T...
Comments