ImageTragick issue: how to verify images and documents to protect from renamed malicious files - ByteScout
  • Home
  • /
  • Blog
  • /
  • ImageTragick issue: how to verify images and documents to protect from renamed malicious files

ImageTragick issue: how to verify images and documents to protect from renamed malicious files

Yesterday, the critical security flaw revealed in the popular ImageMagick image processing package. The security issue allows executing the code by passing a specifically modified image. This is a serious threat to any service that relies on ImageMagick should protect their installation as soon as possible.

The site dedicated to this “ImageTragick” issue advises to “If you use ImageMagick or an affected library, we recommend you mitigate the known vulnerabilities by doing at least one of these two things (but preferably both!)”:

  1. Use a policy file into disabling the vulnerable ImageMagick coders (see the detailed instruction and how to verify that policies are set correctly)
  2. Verify that all uploaded images are corresponding to expected file formats by checking the file header.

To verify uploaded images and documents you may use some of these ways:

What about Javascript or if you don’t want to use the additional module or need to check the file before uploading it to your server? ByteScout Cloud API provides the solution for this case with its /file/verify REST Web API.

Example:

curl https://api.pdf.co/api/v1/file/verify \
-d apiKey=YOUR_API_KEY \ 
-d expected=PNG \
-d simple=true \
-d input=https://upload.wikimedia.org/wikipedia/commons/b/b4/JPEG_example_JPG_RIP_100.jpg

As the passed URL contains JPG image, the request will return:

invalid, detected jpg

If the expected type corresponds to the actual format then it will return the simple short response: ok

You may also get a detailed response including the detected file type and the detected mime type.

Example:

curl https://api.pdf.co/api/v1/file/verify \
-d apiKey=YOUR_API_KEY \ 
-d expected=PNG \
-d input=https://upload.wikimedia.org/wikipedia/commons/b/b4/JPEG_example_JPG_RIP_100.jpg

The response for this request will be (JSON):

{
"mime":"image/jpeg",
"detected":"jpg",
"expected":"png",
"success":false,
"filename":"JPEG_example_JPG_RIP_100.jpg"
}

With Cloud API you may verify image files and PDF files before processing them further and protect them from malicious scripts or files masking as images or documents.

   

About the Author

ByteScout Team ByteScout Team of Writers ByteScout has a team of professional writers proficient in different technical topics. We select the best writers to cover interesting and trending topics for our readers. We love developers and we hope our articles help you learn about programming and programmers.  
prev
next