IIS File Extension Security Bypass | Soroush Dalili (@irsdl) Blog

Article’s PDF file: https://soroush.me/downloadable/getting_shell_with_xamlx_files.pdf

I have recently published a blog post on use of .XAMLX files to execute command on an IIS based application.

This blog has been has been published by NCC and is accessible here: https://research.nccgroup.com/2019/08/23/getting-shell-with-xamlx-files/

Here is its little Twitter story:

And here we go https://t.co/KTVukFkFn6 – that was fast @NCCGroupInfosec ! Thanks :)
— Soroush Dalili (@irsdl) August 23, 2019

This technique can come in handy when dealing with a file uploader that uses a blacklist approach to stop malicious extensions.

Interestingly, if you just search XAMLX in Google or Bing, this technique will be in the first page so it has taken over so many of its actual legitimate usage!

Soroush Dalili (@irsdl) Blog

A web application security ninja 🥷, a semicolon enthusiast!

Tag Archives: IIS File Extension Security Bypass

File Upload Attack using XAMLX Files