Contributors

Robert Auger
Ryan Barnett
Yuval Ben-Itzhak
Erik Caso
Cesar Currudo
Sacha Faust
JD Glaser
Jeremiah Grossman
Sverre H. Huseby
Amit Klein
Mitja Kolsek
Aaron C. Newman
Steve Orrin
Bill Pennington
Ray Pompon
Mike Shema
Ory Segal
Caleb Sima



Predictable Resource Location
Predictable Resource Location is an attack technique used to uncover hidden web site content and functionality. By making educated guesses, the attack is a brute force search for content that is not intended for public viewing. Temporary files, backup files, configuration files, and sample files are all examples of potentially leftover files. These brute force searches are easy because hidden files often follow common naming conventions and reside in standard locations. Such files may disclose sensitive information about web application internals, database information, passwords, machine names, or file paths to other sensitive areas, or may themselves contain vulnerabilities. Disclosure of this information is valuable to an attacker.

Predictable Resource Location is also known as Forced Browsing, File Enumeration, Directory Enumeration, etc.


Example
Any attacker can make arbitrary file or directory requests to any publicly available web server. The existence of a resource can be determined by analyzing the web server's HTTP response codes. There are several variations of the Predictable Resource Location attack:

Blind searches for common files and directories
/admin/
/backup/
/logs/
/vulnerable_file.cgi

Adding, replacing, or removing the extension of an existing filename (/test.asp):
/test.asp.bak
/test.bak
/test
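The same response codes that tell an attacker whether a guess hit also expose the guessing to the server operator. The following added example (not part of the WASC text) parses constructed access-log lines in the common Apache/Nginx format and flags a client that receives 403/404 answers for many distinct paths within a short window; the IP addresses, paths, window and threshold are assumed sample values.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta
# Apache/Nginx "combined"-style access log line (only the fields we need).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)[^"]*" (?P<status>\d{3})'
)

# Constructed sample log: one client probing the guessable names from the text
# (all missing), one ordinary client with a single mistyped link.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2005:13:55:36 +0000] "GET /admin/ HTTP/1.0" 404 209
198.51.100.2 - - [10/Oct/2005:13:55:37 +0000] "GET /index.html HTTP/1.0" 200 5120
203.0.113.7 - - [10/Oct/2005:13:55:38 +0000] "GET /backup/ HTTP/1.0" 404 209
203.0.113.7 - - [10/Oct/2005:13:55:39 +0000] "GET /logs/ HTTP/1.0" 403 199
198.51.100.2 - - [10/Oct/2005:13:55:41 +0000] "GET /indx.html HTTP/1.0" 404 209
203.0.113.7 - - [10/Oct/2005:13:55:42 +0000] "GET /test.asp.bak HTTP/1.0" 404 209
203.0.113.7 - - [10/Oct/2005:13:55:43 +0000] "GET /test.bak HTTP/1.0" 404 209
"""

def parse_line(line):
    """Return (ip, timestamp, path, status) or None for lines we cannot parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("path"), int(m.group("status"))

def detect_forced_browsing(lines, window=timedelta(seconds=60), threshold=5):
    """Flag clients that receive 403/404 for `threshold` distinct paths inside
    any `window`; returns {ip: sorted list of probed paths}."""
    misses = defaultdict(list)                      # ip -> [(ts, path)]
    for line in lines:
        rec = parse_line(line)
        if rec and rec[3] in (403, 404):
            misses[rec[0]].append((rec[1], rec[2]))
    flagged = {}
    for ip, events in misses.items():
        events.sort()
        for i, (start, _) in enumerate(events):     # slide the window over each start
            paths = {p for t, p in events[i:] if t - start <= window}
            if len(paths) >= threshold:
                flagged[ip] = sorted(paths)
                break
    return flagged

if __name__ == "__main__":
    for ip, paths in detect_forced_browsing(SAMPLE_LOG.splitlines()).items():
        print(f"{ip}: {len(paths)} guessed paths in window: {paths}")
```

Counting distinct paths rather than raw 404s keeps a browser retrying one broken link from tripping the rule, while a name-guessing scan accumulates distinct misses quickly.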


© Copyright 2005, Web Application Security Consortium. All rights reserved.