fertagain.blogg.se

Send file secure through dropbox

File upload attacks can be grouped into 4 categories. When creating a system that accepts files from users, it’s important to evaluate the risks associated with each category and add security checks to defend against them:

- File metadata attacks – The path and file name can trick an application into copying the file to an unexpected location that could overwrite an important file and cause unexpected behavior. For example, an attacker could use control characters in the filename to trick the system into overwriting an important configuration file.
- File size attacks – An unexpectedly large file can cause an application to overload or fail. For example, an attacker could use a botnet to trigger the simultaneous uploads of very large (or very small!) files that result in legitimate requests not being fulfilled.
- File content attacks – The content of the file can be used to manipulate the behavior of the application. The outcome of this attack depends entirely on how the file is used and processed. For example, uploaded and executed malware could be used to reveal a key that gives an attacker access to the system.
- File access attacks – The access rules around uploaded files can be misconfigured, resulting in unauthorized. For example, a misconfigured AWS S3 configuration could result in private user photos being accessible to the public.

To get a more detailed look into the types of attacks that are possible, this talk by Yahoo security researcher Ebrahim Hegazy goes over 15 common scenarios in exploiting file upload pages.

Now that you know what attacks you are up against, it’s time to start asking questions about your system. Go through the following checklist of questions to identify potential vulnerabilities and prevent malicious uploaders from exploiting your system. The answers will give you insight into the risks that you are currently facing and help you determine the cost of a project to secure any existing vulnerabilities.

- Which users should have the ability to upload a file?
- Which users should have the ability to read the file?
- Is the file displayed anywhere, and if so, where?
- How is the metadata (file name and path) processed by the application?
- Is the file or any part of the file executed, and if so, where?
- What third party libraries interact with the file?

After you’ve answered the above questions for your system, or if you are dealing with a project where you are developing a file upload feature from the ground up, there are technical decisions to make, mainly whether it is better to use an off-the-shelf system to secure file uploads or build it in-house.
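
For the in-house route, the following added example (not from the original article) shows server-side checks for the file metadata and file size categories: the client-supplied name is never used as a storage path, existing files are never overwritten, and the size limit is enforced on bytes actually read. The allow-listed extensions, the 5 MiB cap and the names `safe_extension` and `store_upload` are assumptions made for the example.

```python
import os
import secrets
from pathlib import Path

ALLOWED_EXTENSIONS = {".png", ".jpg", ".pdf"}   # assumed policy for this example
MAX_BYTES = 5 * 1024 * 1024                      # assumed per-file cap


class UploadRejected(Exception):
    """Raised when an upload fails a metadata or size check."""


def safe_extension(client_name: str) -> str:
    """Return an allow-listed extension taken from the client-supplied name."""
    if any(ord(c) < 32 or ord(c) == 127 for c in client_name):
        raise UploadRejected("control character in file name")
    # Treat both separator styles as path syntax, whatever the server OS is.
    base = client_name.replace("\\", "/").rsplit("/", 1)[-1]
    ext = os.path.splitext(base)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        raise UploadRejected(f"extension {ext!r} not allowed")
    return ext


def store_upload(upload_dir: Path, client_name: str, stream,
                 max_bytes: int = MAX_BYTES) -> Path:
    """Write stream under upload_dir with a server-chosen name and a size cap."""
    ext = safe_extension(client_name)
    root = upload_dir.resolve()
    # Only the extension survives from the client name; the rest is random.
    target = (root / (secrets.token_hex(16) + ext)).resolve()
    if root not in target.parents:          # defence in depth: stay inside root
        raise UploadRejected("resolved path escapes upload directory")
    written = 0
    try:
        with open(target, "xb") as out:     # "x": fail instead of overwriting
            while chunk := stream.read(64 * 1024):
                written += len(chunk)
                if written > max_bytes:     # count bytes read, not a header value
                    raise UploadRejected("file exceeds size limit")
                out.write(chunk)
    except UploadRejected:
        target.unlink(missing_ok=True)      # leave no partial file behind
        raise
    return target
```

The file content and file access categories need separate controls (content inspection and storage access rules) that this block does not cover.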














