File Upload Attack using XAMLX Files

Article’s PDF file: https://soroush.me/downloadable/getting_shell_with_xamlx_files.pdf

I have recently published a blog post on use of .XAMLX files to execute command on an IIS based application.

This blog has been has been published by NCC and is accessible here: https://research.nccgroup.com/2019/08/23/getting-shell-with-xamlx-files/

Here is its little Twitter story:

View tweet on X / Twitter

This technique can come in handy when dealing with a file uploader that uses a blacklist approach to stop malicious extensions.

Interestingly, if you just search XAMLX in Google or Bing, this technique will be in the first page so it has taken over so many of its actual legitimate usage!

This entry was posted in Security Posts

Creation date: September 21, 2019

My MDSec Blog Posts so far in 2020/2021!

Uploading web.config for Fun and Profit 2