I've got a ASP.NET 2.0 website running and one of my web folder need to be shared (read + write, not execute) for webuser and ASPNET user, cause I have a module which allow the user to upload their images (only allow image file).
The user can touch that folder by using a web form to upload their images. That form will check and validate all the input data from user carefully using [FileField].PostedFile.ContentType, I think this command will get the correct file type, prevent the exploit: "file have multiple extension".
But one day, I found some files on that folder which are not image type (there're some script file on that folder), I check the web form many times and I'm pretty sure that the problem is not comming from the upload form.
Could some body please give me a clue about this type of hacking. I'm using ASP.NET 2.0 (with AJAX extension from Microsoft), SQL 2005 and IIS 6 on the Windows2003 (Autoupdate eveyday).
Thanks in advance,