File Upload Security

How to detect malicious image file upload?
Suppose you have a website that allows users to upload their pictures.

Thanks.

If you are saving to the file system with the correct file extension, your antivirus protection software may detect and quarantine the file.


Ok, it seems AV is the solution, thanks.

You could also strip out all the headers from the files on upload too. Adobe software sometimes leaves heaps of XML in files depending on the export mode; most malware will be embedded in the headers.

i.e.


Interesting, thanks.

Trailing on to what @Zackster suggested about removing headers… that is (in part) what services like TinyPNG.com do to reduce the size of image files. So, you get the benefit of reducing file sizes (download faster, use less bandwidth) and at the same time help sterilize the images of any corrupted header data.

That said, I have an API wrapper for TinyPNG here if you’re interested:

HTH

– Denny


Thanks for the info. When the project moves to that stage I’ll keep it in mind.


If you are concerned with the content of the image you can use one of the cloud image analysis engines. We use Amazon Rekognition. This will also send an error if the content is not an image.
I would also recommend that you never place uploaded files into web exposed directories. Upload into a validation path and validate before exposing any further.

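As an added example (not code from any poster in this thread), here is one way to do the two things suggested above, stripping metadata headers and validating a file before it is exposed, for the PNG case: walk the chunk structure, verify each chunk's CRC, keep only an allow-list of chunks, and drop text/XMP chunks plus anything appended after IEND. The allow-list in `KEEP` and the constructed `SAMPLE` image are my own choices for illustration.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"
# Chunks that survive sanitising: the critical ones plus tRNS (transparency).
# Text/metadata chunks (tEXt, iTXt, zTXt, eXIf) and private chunks are dropped.
KEEP = {b"IHDR", b"PLTE", b"IDAT", b"IEND", b"tRNS"}


def iter_chunks(data: bytes):
    """Yield (type, raw_chunk) for each chunk, checking structure and CRC.
    Stops at IEND, so bytes appended after the image are never carried over."""
    if not data.startswith(PNG_SIG):
        raise ValueError("not a PNG: bad signature")
    pos = len(PNG_SIG)
    while True:
        if pos + 8 > len(data):
            raise ValueError("truncated or missing IEND")
        length, ctype = struct.unpack(">I4s", data[pos:pos + 8])
        end = pos + 12 + length
        if end > len(data):
            raise ValueError("truncated chunk %r" % ctype)
        body, crc = data[pos + 8:pos + 8 + length], data[pos + 8 + length:end]
        if zlib.crc32(ctype + body) & 0xFFFFFFFF != struct.unpack(">I", crc)[0]:
            raise ValueError("bad CRC in %r" % ctype)
        yield ctype, data[pos:end]
        if ctype == b"IEND":
            return
        pos = end


def sanitize_png(data: bytes) -> bytes:
    """Return a copy of the PNG containing only allow-listed chunks."""
    return PNG_SIG + b"".join(raw for t, raw in iter_chunks(data) if t in KEEP)


def chunk_types(data: bytes) -> list:
    return [t for t, _ in iter_chunks(data)]


def _chunk(ctype: bytes, body: bytes) -> bytes:
    crc = zlib.crc32(ctype + body) & 0xFFFFFFFF
    return struct.pack(">I", len(body)) + ctype + body + struct.pack(">I", crc)


# Constructed sample: a 1x1 greyscale PNG carrying an XMP tEXt chunk and junk
# appended after IEND, the two things the sanitiser is meant to drop.
SAMPLE = (PNG_SIG
          + _chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
          + _chunk(b"tEXt", b"XML:com.adobe.xmp\x00<x:xmpmeta/>")
          + _chunk(b"IDAT", zlib.compress(b"\x00\x80"))
          + _chunk(b"IEND", b"")
          + b"trailing junk")
```

Run the sanitiser in the validation path (outside the web root) and only publish its output; a file that raises `ValueError` is not a well-formed PNG and should be rejected regardless of its extension.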

Thanks for the input, I’ll check it out when the project reaches that stage.