Possible Sensitive Directories/Files Detected
#1
Hi Team
Kindly advise how to solve the below vulnerability. There are a few uploads and downloads on the website and everything is done through the wwwroot folder.
Thanks
Pramod

Possible Sensitive Directories/Files Detected

These directories/files may expose sensitive information that could help a malicious user to prepare more advanced attacks. A possible sensitive directory has been found. These directories/files are not directly linked from the website. This check looks for common sensitive resources like backup directories, database dumps, administration pages and temporary directories. Each one of these directories could help an attacker to learn more about his target.
#2
I believe they flagged it because you are using the wwwroot folder as a temporary repository of files. In that case, I agree with the assessment. The wwwroot folder is not a safe folder for storing temporary files. Anyone knowing the file name can download the file depending on the MIME type (e.g. PDF, zip, etc. can be downloaded without any security check). So in theory, a person in SessionA can guess and download a file that belongs to SessionB.

You should move the uploaded files to a different directory (not a subdirectory of wwwroot) and possibly also the downloaded files. In case of file downloads you can use the IntraWeb cache feature to make them available only to the session that needs it.
#3
(06-23-2023, 04:46 AM)Alexandre Machado Wrote: I believe they flagged it because you are using the wwwroot folder as a temporary repository of files. In that case, I agree with the assessment. The wwwroot folder is not a safe folder for storing temporary files. Anyone knowing the file name can download the file depending on the MIME type (e.g. PDF, zip, etc. can be downloaded without any security check). So in theory, a person in SessionA can guess and download a file that belongs to SessionB.

You should move the uploaded files to a different directory (not a subdirectory of wwwroot) and possibly also the downloaded files. In case of file downloads you can use the IntraWeb cache feature to make them available only to the session that needs it.

Thanks Alex, will do it.

Here is one query. Normally for both the upload and the download what I am using is GServerController.ContentPath. As you advised above it should be WebApplication.ApplicationPath, right?
#4
I suggest that you create 2 subfolders beneath the folder where the executable is, for instance:

\Downloads
\Uploads

They will be in the same level where wwwroot folder is:

\Downloads
\Uploads
\wwwroot

This way they can't be targeted by any incoming request (IntraWeb will never serve a file outside the wwwroot folder, unless you explicitly command it from server code, not from an incoming request).

For downloads, if you are not using SendFile/SendStream you will need to move the files from \Downloads to the cache using one of several methods to add a file to the cache.
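The two points made in replies #2 and #4 (keep uploads and downloads outside wwwroot so no request path can reach them, and hand a download only to the session it belongs to) can be shown with a small Python model. This is an added illustration, not IntraWeb code and not the poster's application: the FileStore class, its grant_download/fetch_download methods and the per-session token scheme are assumptions that stand in for IntraWeb's cache mechanism. The demo() function builds a throwaway directory layout matching the one suggested in #4 (\Downloads, \Uploads, \wwwroot side by side) and returns the outcome of each check.

```python
import re
import secrets
import tempfile
from pathlib import Path


class FileStore:
    """Models the layout from reply #4: Uploads and Downloads sit beside wwwroot,
    never inside it. Only wwwroot is reachable by a request path."""

    def __init__(self, app_dir: Path):
        self.app_dir = app_dir.resolve()
        self.wwwroot = self.app_dir / "wwwroot"
        self.uploads = self.app_dir / "Uploads"
        self.downloads = self.app_dir / "Downloads"
        for d in (self.wwwroot, self.uploads, self.downloads):
            d.mkdir(parents=True, exist_ok=True)
        # (session_id, token) -> file path; a grant is only valid for its own session
        self._grants: dict[tuple[str, str], Path] = {}

    def is_web_reachable(self, path: Path) -> bool:
        """True only if the resolved path lies under wwwroot."""
        try:
            path.resolve().relative_to(self.wwwroot)
            return True
        except ValueError:
            return False

    def serve_static(self, request_path: str):
        """What a static handler does: resolve against wwwroot and refuse
        anything that escapes it (e.g. ../Uploads/...)."""
        candidate = (self.wwwroot / request_path.lstrip("/")).resolve()
        if not self.is_web_reachable(candidate) or not candidate.is_file():
            return None
        return candidate.read_bytes()

    def save_upload(self, session_id: str, client_name: str, data: bytes) -> Path:
        """Store an upload outside wwwroot under a name the client cannot guess.
        The client-supplied name is reduced to a sanitised base name."""
        base = re.sub(r"[^A-Za-z0-9._-]", "_", Path(client_name).name).lstrip(".") or "file"
        target = self.uploads / f"{session_id}-{secrets.token_hex(8)}-{base}"
        target.write_bytes(data)
        return target

    def grant_download(self, session_id: str, path: Path) -> str:
        """Bind a file to one session (the role IntraWeb's cache plays in reply #2)."""
        token = secrets.token_urlsafe(16)
        self._grants[(session_id, token)] = path
        return token

    def fetch_download(self, session_id: str, token: str):
        """Only the session that was granted the token gets the bytes."""
        path = self._grants.get((session_id, token))
        return None if path is None else path.read_bytes()


def demo() -> dict:
    """Constructed scenario: session A uploads a file, a stray copy is also
    dropped into wwwroot to show why the scanner flags that folder."""
    store = FileStore(Path(tempfile.mkdtemp()))
    up = store.save_upload("sessA", "../report.pdf", b"secret")
    (store.wwwroot / "report.pdf").write_bytes(b"guessable")   # the bad practice
    token = store.grant_download("sessA", up)
    return {
        "upload_outside_wwwroot": not store.is_web_reachable(up),
        "traversal_blocked": store.serve_static("../Uploads/" + up.name) is None,
        "wwwroot_file_guessable": store.serve_static("report.pdf") == b"guessable",
        "owner_can_fetch": store.fetch_download("sessA", token) == b"secret",
        "other_session_blocked": store.fetch_download("sessB", token) is None,
        "bad_token_blocked": store.fetch_download("sessA", "not-a-token") is None,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'ok' if ok else 'FAIL'}")
```

The important design choice is that the download path is never part of the request: the client only ever presents a random token, and the server looks it up together with the session id, so a second session holding the same token still gets nothing. The file in wwwroot, by contrast, is served to anyone who knows or guesses its name, which is exactly the finding in the original scan.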