Directory Traversal Attack - Possible Methods To Prevent Directory Traversal

Possible Methods To Prevent Directory Traversal

A possible algorithm for preventing directory traversal would be to:

  • Process URI requests that do not result in a file request, e.g., executing a hook into user code, before continuing below.
  • When a URI request for a file/directory is to be made, build a full path to the file/directory if it exists, and normalize all characters (e.g., %20 converted to spaces).
  • It is assumed that a 'Document Root' fully qualified, normalized, path is known, and this string has a length N. Assume that no files outside this directory can be served.
  • Ensure that the first N characters of the fully qualified path to the requested file is exactly the same as the 'Document Root'.
  • If so, allow the file to be returned.
  • If not, return an error, since the request is clearly out of bounds from what the web-server should be allowed to serve.
  • Check if the string contains '..' (two periods next to each other).
  • Using a hard-coded predefined file extension to suffix the path does not limit the scope of the attack to files of that file extension.
The user can use %00 (return to line, \n) to bypass everything after the $_GET

Read more about this topic:  Directory Traversal Attack

Famous quotes containing the words methods, prevent and/or directory:

    The ancient bitter opposition to improved methods [of production] on the ancient theory that it more than temporarily deprives men of employment ... has no place in the gospel of American progress.
    Herbert Hoover (1874–1964)

    During the cattle drives, Texas cowboy music came into national significance. Its practical purpose is well known—it was used primarily to keep the herds quiet at night, for often a ballad sung loudly and continuously enough might prevent a stampede. However, the cowboy also sang because he liked to sing.... In this music of the range and trail is “the grayness of the prairies, the mournful minor note of a Texas norther, and a rhythm that fits the gait of the cowboy’s pony.”
    —Administration in the State of Texa, U.S. public relief program (1935-1943)

    Although then a printer by trade, he listed himself in this early directory as an antiquarian. When he was asked the reason for this he replied that he always thought every town should have at least one antiquarian, and since none appeared for the post, he volunteered.
    —For the State of Iowa, U.S. public relief program (1935-1943)