Wednesday, July 20, 2011

“aspydrv.asp;.jpg”

Was reading this article about an alleged Anonymous hacker uploading a file “aspydrv.asp;.jpg” onto servers to compromise them.
This piqued my interest. I Googled the above file and found numerous sites hosting this file. Further research educated me that using the ";.jpg" at the end of the ASP file can fool insecure IIS servers.
Accessing one of the vulnerable sites, I try uploading a test ASP page written by my buddy, Simon, and the file successfully bypasses the file type check. I click on the uploaded ASP page and the "Hello World" message is published on my browser.
It is a simple trick to gain control of a vulnerable webserver but timely patching and hardening will thwart this threat.

1 comment:

  1. Thanks for the article. Useful when you encounter this type of files

    ReplyDelete