Saturday, January 12, 2008

Vulnerability Series: WS FTP

WS_FTP is a popular FTP application used to upload files to a web server. By default, it is installed with the “Enable Logging” option turned on, which saves WS_FTP.log activity log files to the remote web server alongside the uploaded content.

An example log file might contain an entry similar to the following:

XXXXX/html/some/secret/directory/ws_ftp.log

How to apply this attack

Since this is a log file being uploaded to your web server's file system, simply browsing for the file will allow you to harvest results. One unfortunate shortcut is to google ws_ftp.log as a search term. For example ...

XXXXXGoogle+Search

Remediation

If the administrator does not remove these files from the file system, attackers can use the log files to learn the exact structure of the file system and website.
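A sweep a web administrator can run over the document root to find the logs WS_FTP left behind and move them out of the web-served tree. This is an added example, not code from the original post; the document root path and the quarantine directory are assumptions.

```python
"""Locate stray WS_FTP.log files under a web root and move them out of it.

Added defensive helper (not from the original post). WS_FTP's "Enable
Logging" option drops WS_FTP.log files onto the remote server, so a
periodic sweep of the document root finds what the client left behind.
"""
import os
import shutil
from pathlib import Path

LOG_NAME = "ws_ftp.log"  # matched case-insensitively; the client writes WS_FTP.log


def find_ws_ftp_logs(webroot):
    """Return the relative (POSIX-style) path of every WS_FTP log under webroot, sorted."""
    root = Path(webroot)
    hits = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if name.lower() == LOG_NAME:
                hits.append(Path(dirpath, name).relative_to(root).as_posix())
    return sorted(hits)


def quarantine_logs(webroot, quarantine_dir):
    """Move each found log outside the document root, preserving its relative path.

    Returns the list of relative paths that were moved. The quarantine
    directory (an assumed location) must lie outside webroot, otherwise
    the next sweep would simply find the moved copies again.
    """
    root = Path(webroot).resolve()
    qdir = Path(quarantine_dir).resolve()
    if qdir == root or root in qdir.parents:
        raise ValueError("quarantine directory must be outside the web root")
    moved = []
    for rel in find_ws_ftp_logs(root):
        dest = qdir / rel
        dest.parent.mkdir(parents=True, exist_ok=True)
        shutil.move(str(root / rel), str(dest))
        moved.append(rel)
    return moved


if __name__ == "__main__":
    import sys
    # Usage: python sweep.py /var/www/html   (document root is an assumed path)
    for rel in find_ws_ftp_logs(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(rel)
```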
