SecureMe2 MalwarePedia

Category

Path Traversal


Priority

High


Explanation

Indicators of path traversal in URLs.

This may signal attempts to access confidential files elsewhere in the directory structure, such as password files. This technique is often used as a starting point for hacking.

A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and their variations, or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system, including application source code, configuration files and critical system files. It should be noted that access to files is still limited by the operating system's own access control (for example locked or in-use files on the Microsoft Windows operating system).

This attack is also known as “dot-dot-slash”, “directory traversal”, “directory climbing” and “backtracking”.

Risk

The goal of this attack is to use an affected application to gain unauthorized access to the file system. This attack exploits a lack of security controls (the software is acting exactly as it is supposed to) as opposed to exploiting a bug in the code.

Action

How to identify if you are vulnerable

  • Be sure you understand how the underlying operating system will process filenames handed off to it.
  • Don’t store sensitive configuration files inside the web root
  • For Windows IIS servers, the web root should not be on the system disk, to prevent recursive traversal back to system directories.

How to protect yourself

  • Prefer working without user input when using file system calls
  • Use indexes rather than actual portions of file names when templating or using language files (i.e. value 5 from the user submission = Czechoslovakian, rather than expecting the user to return “Czechoslovakian”)
  • Ensure the user cannot supply all parts of the path – surround it with your path code
  • Validate the user’s input by only accepting known good – do not sanitize the data
  • Use chrooted jails and code access policies to restrict where the files can be obtained or saved to
  • If forced to use user input for file operations, normalize the input before using it in file I/O APIs
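The list above, applied in one file-serving handler, as an added example that is not code from MalwarePedia or the original page: the base directory, the language-file table and the allowed-name pattern are constructed assumptions. It covers the dot-dot-slash and absolute-path cases from the Explanation section as well as the index indirection and the normalize-then-check advice.

```python
import re
from pathlib import Path

# Constructed base directory for this example (not a path from the original page).
BASE_DIR = Path("/srv/app/public").resolve()

# Index -> file name: the client sends a small integer, the server owns the names.
LANGUAGE_FILES = {1: "en.properties", 2: "nl.properties", 5: "cs.properties"}

# "Only accept known good": one plain component, no separators, no leading dot.
SAFE_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,63}")

class PathTraversalAttempt(ValueError):
    """Raised when a request would name a file outside BASE_DIR."""

def normalize_under_base(user_supplied: str, base: Path = BASE_DIR) -> Path:
    """Prepend the server-owned base, canonicalize, and require the result to
    still lie inside it. resolve() collapses '..' and follows symlinks, so the
    check runs on the path the OS would open; an absolute input replaces base."""
    try:
        candidate = (base / user_supplied).resolve()
        candidate.relative_to(base)
    except ValueError:  # outside base, or an embedded NUL byte
        raise PathTraversalAttempt(f"{user_supplied!r} escapes {base}") from None
    return candidate

def resolve_user_file(user_supplied: str, base: Path = BASE_DIR) -> Path:
    """Allowlist first, then containment; the two checks are independent."""
    if not SAFE_NAME.fullmatch(user_supplied):
        raise PathTraversalAttempt(f"rejected name {user_supplied!r}")
    return normalize_under_base(user_supplied, base)

def language_file(index_from_user: str) -> Path:
    """Indirection through a server-side table: the user picks an index only."""
    try:
        key = int(index_from_user)
    except ValueError:
        raise PathTraversalAttempt("language index must be an integer") from None
    if key not in LANGUAGE_FILES:
        raise PathTraversalAttempt(f"unknown language index {key}")
    return resolve_user_file(LANGUAGE_FILES[key])

def is_safe_request(user_supplied: str, allowlist: bool = True) -> bool:
    """True only if the request passes (allowlist=False tests containment alone)."""
    try:
        (resolve_user_file if allowlist else normalize_under_base)(user_supplied)
        return True
    except PathTraversalAttempt:
        return False
```

Because the containment check runs on the canonical path rather than the raw string, an encoded or otherwise disguised `..` that the framework has already decoded is caught the same way, and one that was not decoded simply names a non-existent file inside the base.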

More information