Subscribe by Email

Wednesday, April 25, 2012

Explain the concepts of Directory traversal attacks?

Another name for directory traversal attack is path traversal attack and there is quite unfamiliarity among people regarding this security threat. We have dedicated this entire article to make you aware of this security threat.

What is meant by Directory Traversal Attacks?

- Directory traversal attacks involve the exploitation of the insufficient sanitization or validation of the security regarding the input data supplied by the end user.
- This results in the passing of the characters representing the traverse to parent directory to the API files.
- The directory traversal attacks are aimed at accessing a computer file that is not intended to be accessible by ordering an application to do so.
- The application acts to the commands of the attacker.
- Here, in such situations there is no fault in the program code and it works perfectly fine but, it lacks in security and that is what that is taken advantage of by the attackers.
- He/ she takes an advantage of the lack of the security of the software system or application.
- This is completely opposite to the exploitation of the bugs of a code.
- Some times directory traversal attacks are also denoted as the “_ _ / attack” (pronounced as dot dot slash attack).
- One common form of such attacks is the canonicalization attacks.
- Some other rare forms are back tracking and directory climbing etc.
- In every operating system there exists a common file that is often used by the hackers to crack the passwords.
- In some operating systems like UNIX, no such password file exists.
- Rather the passwords are stored in some shadow file which is not accessible to the users that are recognized as the unprivileged by the machine. - Password  files are useful in another way also i.e., for enumeration of the accounts on that particular machine and displays whatever are the user accounts present on the system.
- Many variations are observed in the directory traversal attacks based on the directory traversal attack strings used in different operating systems.
- Directory traversal attacks create quite a menace these days which becomes quite difficult to manage.

How to prevent directory traversal attacks?

Software engineers have formulated an algorithm for the prevention of directory traversal attacks which is like this:
- Process URI requests such that they do not invoke any file request. For example, execution of a hook in to the code.
-  Always specify the full path to the directory or file if any exists while normalizing all the characters whenever you have to process a URI request. For example, normalize %20 to spaces.
-  Assume the length of the string to be N and a normalized path exists for a document root that is fully qualified and that no files outside this are accessible.
-  Ensure that the first n characters of the string match exactly with the document root of the requested file.
-  If the above condition proves to be true allow the file to be served.
-  If the above condition is proved false, an error should be returned since the requested file is inaccessible.

An efficient control over the accessing of the web content is highly required for the effective running of the web server in a secure mode. Mostly the web servers employ either of the two security mechanisms listed below: 

1. Root directory:
This directory keeps the users bounded to the specific limits outside which nothing can be accessed. It is created in order to avoid the unauthorized access of the files containing sensitive data by unprivileged users.
2. Access control lists (ACLs): 
These lists find their use in the process of authorization.  The lists contain the information of the users who can legally access the files.

No comments:

Facebook activity