Tag Archives: IIS File Extension Security Bypass

File Upload Attack using XAMLX Files

Article’s PDF file: https://soroush.me/downloadable/getting_shell_with_xamlx_files.pdf

I have recently published a blog post on use of .XAMLX files to execute command on an IIS based application.

This blog has been has been published by NCC and is accessible here: https://research.nccgroup.com/2019/08/23/getting-shell-with-xamlx-files/

Here is its little Twitter story:

This technique can come in handy when dealing with a file uploader that uses a blacklist approach to stop malicious extensions.

Interestingly, if you just search XAMLX in Google or Bing, this technique will be in the first page so it has taken over so many of its actual legitimate usage!