Old post, but this middleware seems to be exactly what's being asked for:
https://github.com/laravel-at/laravel-image-sanitize
Unfortunately I can't comment on the quality of it.
Does anyone have a solution for RCE through an image, presented in the video below by Antti Rössi at Laracon EU 2019?
https://youtu.be/kKGGVGiq2y8?t=895
The vulnerability he presented is about passing code through the metadata of an image which will be uploaded, and then the code is executed whenever you execute "get file size". That code will allow a reverse shell to connect to your server and execute all sorts of operations.
BTW I recommend watching the video from the beginning.
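
One common defence against data carried in image metadata, as asked about above, is to re-encode every upload so that only decoded pixel data is written to disk. The PHP below is an added example, not code from this thread, the talk or laravel-image-sanitize; `reencodeImage` and the marker string are hypothetical names, and it assumes the GD and fileinfo extensions are loaded.

```php
<?php
declare(strict_types=1);

// Added example (hypothetical helper, not from laravel-image-sanitize).
// Re-encodes an upload with GD so only decoded pixels are written out;
// EXIF/comment segments in the source are not carried into the output.
function reencodeImage(string $srcPath, string $dstPath, int $maxBytes = 5000000): bool
{
    $bytes = file_get_contents($srcPath);
    if ($bytes === false || $bytes === '' || strlen($bytes) > $maxBytes) {
        return false;
    }
    // Detect the type from content, never from the client-supplied name or MIME.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->buffer($bytes);
    if (!in_array($mime, ['image/jpeg', 'image/png', 'image/gif'], true)) {
        return false;
    }
    $img = @imagecreatefromstring($bytes); // false if the data does not decode
    if ($img === false) {
        return false;
    }
    switch ($mime) {
        case 'image/jpeg':
            return imagejpeg($img, $dstPath, 90);
        case 'image/png':
            imagesavealpha($img, true); // keep transparency
            return imagepng($img, $dstPath);
        default:
            return imagegif($img, $dstPath);
    }
}

// Constructed sample: a 2x2 JPEG built in memory, with a JPEG comment (COM)
// segment holding a marker string inserted right after the SOI bytes.
$marker = 'CONSTRUCTED-METADATA-MARKER';
ob_start();
imagejpeg(imagecreatetruecolor(2, 2));
$jpeg = ob_get_clean();
$tainted = substr($jpeg, 0, 2) . "\xFF\xFE" . pack('n', strlen($marker) + 2) . $marker . substr($jpeg, 2);

$src = tempnam(sys_get_temp_dir(), 'up');
$dst = $src . '.clean.jpg';
file_put_contents($src, $tainted);

var_dump(reencodeImage($src, $dst));                          // re-encode succeeded?
var_dump(strpos($tainted, $marker) !== false);                // marker present in upload
var_dump(strpos(file_get_contents($dst), $marker) !== false); // marker present after re-encode
unlink($src); unlink($dst);
```

Re-encoding only addresses data carried in metadata; storing uploads outside the web root under server-generated names remains a separate control.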