MIME (Multipurpose Internet Mail Extensions) is used on the internet to determine a file’s type. It is similar to file extensions in operating systems.
- Web Servers and browsers have a list of MIME types so they can identify files and take appropriate action. For example, if a file is a PDF, a browser may launch a relevant program so that you can see the content of this PDF file.
- Clients and servers use MIME-type information to negotiate content. Clients send MIME type information of request through Content-type Header in HTTP Request and state which kind of output they want to consume by using MIME types in the accept header.
MIME contains two parts: type and subtype. A slash (/) is used between type and subtype, such as image/jpeg. You can’t always see an extension in URLs because modern web applications use SEO (Search Engine Optimization) friendly URLs. It isn’t always possible to deduce which type of file is served by looking at the URL. SEO-friendly URLs or API endpoints, for example, usually don't have extensions.
Possible XSS attacks
Cybercriminals can still use the MIME feature to attack web applications. If a web application allows users to upload data to the server, attackers can disguise a malicious file under a harmless file type. When a web browser renders this file, it can allow the attacker to carry out a cross-site scripting attack.
Netsparker detects all files with the MIME type during scanning. This information is very useful in case further manual testing is required. It also helps security professionals spot any unusual files or types served by the server, which could indicate a successful hack.
In addition to MIME-types listed in Knowledge Base, Netsparker also reports the URLs that lack a MIME type. These URLs can cause MIME type sniffing threats if the content is misinterpreted by browsers. Netsparker reports Missing Content-Type Header issues for such cases.
Netsparker forms Knowledge Base nodes on its findings. If the MIME Types node is not listed, it means that Netsparker did not find any.
For further information, see Knowledge Base Nodes.
How to View the MIME Types Node in Netsparker Enterprise
- Log in to Netsparker Enterprise.
- From the main menu, click Scans, then Recent Scans. The Recent Scans window is displayed.
- Next to the relevant website, click Report.
- From the Technical Report section, click the Knowledge Base tab.
- Click the MIME Types node. The information is displayed in a MIME Types tab.
How to View the MIME Types Node in Netsparker Standard
- Open Netsparker Standard.
- Start a Scan or Import a previously saved scan.
- The Knowledge Base is displayed on the right of the Scan Summary Dashboard. (If it is hidden, display it again using the Knowledge Base icon on the View tab on the ribbon. Alternatively, click the Reset Layout icon on the View tab, then close the Activity/Progress/Logs panes to give maximum viewing space.)
- Ensure that the Knowledge Base Viewer is also displayed. (If it is hidden, you can display it again using the Knowledge Base Viewer button on the View tab. You may also want to close the Activity/Progress/Logs panes.)
- Click the MIME Types node in the Knowledge Base. All detected MIME Types are displayed in the Knowledge Base Viewer.