Re: Catching directory traversals passed through QueryString
- From: "Kevin Spencer" <kevin@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 8 Mar 2006 19:01:02 -0500
Imagine what would happen if everyone in your city used the same server to
access the Internet. That's what sort of problem you have on your hands. If
I were you, I'd throw the whole concept out the window.
--
HTH,
Kevin Spencer
Microsoft MVP
.Net Developer
Presuming that God is "only an idea" -
Ideas exist.
Therefore, God exists.
"Merennulli" <maross@xxxxxxxxxxxxxxxx> wrote in message
news:1141857826.139327.324000@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Ok, the gist of the problem is I have a site my predecessor created,
much of which goes through a single asp.net app. For some reason,
instead of using templates or includes, he passed everything through
this one bit of code that dumped html and flat text in the middle of
the page. To keep it dynamic, he has the querystring take in a
filename, e.g.
http://www.oursite.net/default.aspx?filename=/folder/file.txt
Of course, this leaves it wide open for
http://www.oursite.net/default.aspx?filename=../web.config
or
http://www.oursite.net/default.aspx?filename=../../../Inetpub/wwwroot/default.aspx
or worse.
For now, I'm just using regex to require either ".txt" or ".htm?" and
then catch "../" and hit the brakes if it finds that. I'm concerned,
though, that there might be other ways of exploiting this.
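An added example, not code from either poster: one way to close the hole described in the quoted post on an IIS/ASP.NET site. Instead of pattern-matching the raw query value for "../", it treats the value as a path relative to a single content folder, canonicalizes it with Path.GetFullPath, and refuses anything whose resolved location is outside that folder or whose extension is not on a short allow-list. The content folder (Server.MapPath("~/content")), the class and method names, and the allowed extensions are assumptions for illustration; the original site's folder layout is not known from the thread.

```csharp
using System;
using System.IO;

// Added example for the "filename" include described in the thread (not the
// original site's code). Assumes the page knows the physical path of the one
// folder it is allowed to include from, e.g. Server.MapPath("~/content"),
// and that only .txt/.htm/.html files under that folder may be shown.
public static class SafeInclude
{
    static readonly string[] AllowedExtensions = { ".txt", ".htm", ".html" };

    // Returns the canonical physical path of the requested file, or null when
    // the request must be refused. The caller should then answer 404 and not
    // echo the rejected value back into the page.
    public static string ResolveSafePath(string contentRoot, string requestedFile)
    {
        if (string.IsNullOrEmpty(requestedFile))
            return null;

        try
        {
            // A forward-slash-only regex misses "..\web.config". Fold both
            // separator styles into the platform separator before anything else.
            string relative = requestedFile.Replace('/', Path.DirectorySeparatorChar)
                                           .Replace('\\', Path.DirectorySeparatorChar);

            // Path.Combine(root, x) returns x unchanged when x is rooted
            // ("C:\..." or "\..."), silently discarding the content root.
            // The post's URLs start with "/", so strip leading separators and
            // then refuse anything that is still rooted (e.g. "C:Inetpub").
            relative = relative.TrimStart(Path.DirectorySeparatorChar);
            if (Path.IsPathRooted(relative))
                return null;

            // Canonicalize root and target so "." and ".." segments are
            // collapsed before the containment test, not matched as strings.
            string root = Path.GetFullPath(contentRoot)
                              .TrimEnd(Path.DirectorySeparatorChar) + Path.DirectorySeparatorChar;
            string full = Path.GetFullPath(Path.Combine(root, relative));

            // Containment: the resolved file must still live under the content
            // root. The trailing separator on root keeps "C:\content2\x.txt"
            // from passing when the root is "C:\content". Windows/NTFS paths
            // are case-insensitive, hence OrdinalIgnoreCase.
            if (!full.StartsWith(root, StringComparison.OrdinalIgnoreCase))
                return null;

            // Extension allow-list applied to the canonical path, not to the
            // raw query value.
            string ext = Path.GetExtension(full).ToLowerInvariant();
            if (Array.IndexOf(AllowedExtensions, ext) < 0)
                return null;

            return File.Exists(full) ? full : null;
        }
        catch (ArgumentException)
        {
            // Invalid path characters (e.g. embedded NUL or ':' in a segment)
            // make GetFullPath/GetExtension throw on .NET Framework; treat
            // that as a refusal rather than letting the exception leak.
            return null;
        }
        catch (NotSupportedException)
        {
            return null;
        }
    }
}
```

In the page this replaces the raw use of the query value: `string path = SafeInclude.ResolveSafePath(Server.MapPath("~/content"), Request.QueryString["filename"]);`, returning 404 when `path` is null and otherwise writing the file's contents. Two points the "../" regex alone does not cover are visible in the code: Windows accepts "..\" as well as "../", and a value that merely ends in ".txt" (for example "../../otherapp/notes.txt") still walks out of the intended folder, which only the canonicalize-then-containment check catches.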