ImageTragick issue: how to verify images and documents to protect from renamed malicious files


Yesterday, a critical security flaw was revealed in the popular ImageMagick image processing package. The security issue allows code execution by passing a specially crafted image. This is a serious threat: any service that relies on ImageMagick should protect its installation as soon as possible.

The site dedicated to this “ImageTragick” issue advises: “If you use ImageMagick or an affected library, we recommend you mitigate the known vulnerabilities by doing at least one of these two things (but preferably both!)”:

  1. Use a policy file to disable the vulnerable ImageMagick coders (see the detailed instructions and how to verify that the policies are set correctly)
  2. Verify that all uploaded images correspond to the expected file formats by checking the file header.

To verify uploaded images and documents you may use one of these ways:

What about JavaScript, or if you don’t want to install an additional module, or need to check a file before uploading it to your server? ByteScout Cloud API provides a solution for this case with its /file/verify REST Web API.

Example:

curl https://bytescout.io/api/v1/file/verify \
-d apiKey=YOUR_API_KEY \
-d expected=PNG \
-d simple=true \
-d input=https://upload.wikimedia.org/wikipedia/commons/b/b4/JPEG_example_JPG_RIP_100.jpg

As the passed URL points to a JPG image, the request will return:

invalid, detected jpg

If the expected type matches the actual format, it returns the short response: ok

You may also get the detailed response including the detected file type and the detected mime type.

Example:

curl https://bytescout.io/api/v1/file/verify \
-d apiKey=YOUR_API_KEY \
-d expected=PNG \
-d input=https://upload.wikimedia.org/wikipedia/commons/b/b4/JPEG_example_JPG_RIP_100.jpg

The response for this request will be (JSON):

{
"mime":"image/jpeg",
"detected":"jpg",
"expected":"png",
"success":false,
"filename":"JPEG_example_JPG_RIP_100.jpg"
}

With the Cloud API you may verify image and PDF files before processing them further, and protect against malicious scripts or files masquerading as images or documents.
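The header check from mitigation 2 can also be done locally. The following is an added example (not ByteScout’s code and not the Cloud API) that inspects the leading magic bytes of a buffer and reports the result in the same shape as the /file/verify JSON above; the signature table and the sample buffers are constructed for this illustration.

```javascript
// Added example (not ByteScout's code): local magic-byte check that mirrors
// the /file/verify response shape. Signatures are the well-known file headers.
const SIGNATURES = [
  { type: 'png', mime: 'image/png',       magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: 'jpg', mime: 'image/jpeg',      magic: [0xff, 0xd8, 0xff] },
  { type: 'gif', mime: 'image/gif',       magic: [0x47, 0x49, 0x46, 0x38] },       // "GIF8"
  { type: 'pdf', mime: 'application/pdf', magic: [0x25, 0x50, 0x44, 0x46, 0x2d] }, // "%PDF-"
];

// Returns the signature entry whose magic bytes start the buffer, or null.
function detectType(buf) {
  for (const sig of SIGNATURES) {
    if (buf.length >= sig.magic.length && sig.magic.every((b, i) => buf[i] === b)) {
      return sig;
    }
  }
  return null;
}

// Compares the detected header with the type the upload claims to be.
// Anything unrecognised or mismatched is rejected, whatever the extension says.
function verify(buf, expected, filename) {
  const sig = detectType(buf);
  const want = expected.toLowerCase();
  return {
    mime: sig ? sig.mime : null,
    detected: sig ? sig.type : null,
    expected: want,
    success: sig !== null && sig.type === want,
    filename,
  };
}

// Constructed sample inputs: a JPEG/JFIF header, a PNG header, and a plain
// text file that has merely been renamed to .png (none are complete images).
const jpegHead = Buffer.from([0xff, 0xd8, 0xff, 0xe0, 0x00, 0x10, 0x4a, 0x46, 0x49, 0x46]);
const pngHead = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]);
const textFile = Buffer.from('just some text pretending to be an image\n');

console.log(verify(jpegHead, 'PNG', 'JPEG_example_JPG_RIP_100.jpg')); // success: false, detected: "jpg"
console.log(verify(pngHead, 'PNG', 'logo.png'));                       // success: true
console.log(verify(textFile, 'PNG', 'renamed.png'));                   // success: false, detected: null
```

A header check only catches files whose content is not the format they claim to be; it does not inspect what a genuine image contains, which is why the ImageTragick site recommends combining it with the policy file.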

Sign up here to create your free account for ByteScout Cloud API.
