May 25, 2021

Uploading viruses as .txt and .jpg files to Azure blob storage

A pentest company mentioned our web app has a vulnerability because users are able to upload viruses disguised as .txt/image (.jpg etc) files. Only the format of the file is checked (.exe is not allowed).

These files are uploaded to Azure blob storage, and can later be downloaded via a link to the blob.

They uploaded eicar.exe.txt. However, I don’t see this being an issue.

The only way these viruses could execute is if the victim renamed them to .exe and then ran them.

The company recommended we look into running virus scanning software for the blobs.

Is anyone able to explain to me, step by step, how a virus in a .txt or .jpg file could end up being executed on a victim’s computer if the victim was emailed a link to the blob, for example?



I’ve never heard of .txt or .jpg viruses, but I know .pdf can be weaponized against some PDF readers.
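The post describes an upload check that looks only at the file extension. The sketch below is an added example, not part of the original post or the app it describes: a pre-storage check that also inspects the leading bytes and the inner extensions of names such as eicar.exe.txt. The function name, extension lists and sample inputs are assumptions, and a check like this runs before, not instead of, the virus scanning the pentest company recommended.

```python
import os

# Leading-byte signatures for the image types this hypothetical app accepts.
SIGNATURES = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
}
ALLOWED_EXT = set(SIGNATURES) | {".txt"}
# Magic bytes of Windows PE ("MZ") and Linux ELF executables.
EXECUTABLE_MAGIC = (b"MZ", b"\x7fELF")
# Assumed list of extensions that must not appear anywhere in the name.
BLOCKED_INNER_EXT = {".exe", ".com", ".scr", ".bat", ".cmd", ".vbs", ".ps1"}


def check_upload(filename, data):
    """Return the reasons to reject an upload; an empty list means the
    file may go on to the malware scanner and then to blob storage."""
    problems = []
    parts = os.path.basename(filename).lower().split(".")
    ext = "." + parts[-1] if len(parts) > 1 else ""

    if ext not in ALLOWED_EXT:
        problems.append("extension-not-allowed")
    # Catches names like report.exe.txt that pass a last-extension check.
    if any("." + p in BLOCKED_INNER_EXT for p in parts[1:-1]):
        problems.append("inner-executable-extension")
    # May also flag a text file that happens to start with "MZ".
    if data.startswith(EXECUTABLE_MAGIC):
        problems.append("executable-content")
    if ext in SIGNATURES and not data.startswith(SIGNATURES[ext]):
        problems.append("content-does-not-match-extension")
    if ext == ".txt":
        try:
            data.decode("utf-8")
            is_text = b"\x00" not in data
        except UnicodeDecodeError:
            is_text = False
        if not is_text:
            problems.append("not-plain-text")
    return problems


if __name__ == "__main__":
    # Constructed sample: a PE header stored under an image name.
    print(check_upload("holiday.jpg", b"MZ\x90\x00" + b"\x00" * 60))
```

A test file made only of printable text passes every content check here and is stopped only by its name, which is why signature checks cannot stand in for a scanner.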
