Saturday, January 12, 2008

Vulnerability Series: Backup Files

It's interesting that many systems administrators overlook the seriousness of backup files on a web server. Very often, developers and administrators leave remnants of files scattered throughout the environment, and while these files appear harmless, they can lead to a compromised system. Backup files quite often contain very sensitive information about the system, the application server or the application code.

Administrators will often use the following extensions for backup files:

  • file.back
  • file.bak
  • file.org
  • file.tmp
  • file.temp
  • file-old
  • file.inc
  • file.orig
  • file..cp
  • file.save

How to apply this attack

Since these files are saved to your web server's file system, simply browsing for them will allow you to harvest results. One unfortunate option is to google for various search terms. For example …

XXXXXfile_name.bak site:atrysk.com

Remediation

Never save miscellaneous or backup files of any type/extension to the webroot of a server.
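A pre-deployment check that walks a web root for exactly the names listed above, added here as an example and not code from the original post; the suffix list is the post's, and the sample tree it builds is constructed for the demonstration, not a real site.

```python
import os
import tempfile
from pathlib import Path

# The suffixes listed in the post; "-old" is a dash suffix, the rest are extensions.
BACKUP_SUFFIXES = (".back", ".bak", ".org", ".tmp", ".temp", "-old",
                   ".inc", ".orig", "..cp", ".save")

def is_backup_name(name):
    """True if the file name ends with one of the backup suffixes (case-insensitive)."""
    return any(name.lower().endswith(s) for s in BACKUP_SUFFIXES)

def original_of(path):
    """If the name was derived from a sibling (config.php.bak -> config.php) and that
    sibling exists, return it: the copy then exposes whatever the original contains."""
    for s in BACKUP_SUFFIXES:
        if path.name.lower().endswith(s):
            sibling = path.with_name(path.name[:-len(s)])
            return sibling if sibling.is_file() else None
    return None

def find_backup_files(root):
    """Walk the web root; return sorted (relative backup path, relative original or None)."""
    root_path = Path(root)
    findings = []
    for dirpath, _dirs, files in os.walk(root_path):
        for name in files:
            if is_backup_name(name):
                path = Path(dirpath) / name
                orig = original_of(path)
                findings.append((path.relative_to(root_path).as_posix(),
                                 orig.relative_to(root_path).as_posix() if orig else None))
    return sorted(findings)

def build_sample_webroot():
    """Constructed sample tree (not a real site) so the scanner can be tried offline."""
    root = tempfile.mkdtemp(prefix="webroot_")
    layout = {
        "index.php": "<?php echo 'hi'; ?>",
        "config.php": "<?php $db_pass = 'secret'; ?>",
        "config.php.bak": "<?php $db_pass = 'secret'; ?>",  # served as plain text
        "includes/db.inc": "<?php $dsn = 'mysql://'; ?>",
        "css/site.css-old": "body{}",
        "notes.tmp": "todo",
    }
    for rel, body in layout.items():
        target = Path(root) / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_text(body)
    return root
```

Run `find_backup_files` against the real document root before each release; a hit whose second element is not `None` is a copy of a live file and should be treated as leaked content, not just clutter.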
