WebDAV directory write permission vulnerability - vulnerability warning - Black Bar Safety Net (黑吧安全网, myhack58)

ID MYHACK58:62201234843
Type myhack58
Reporter Anonymous (佚名)
Modified 2012-09-06T00:00:00


Recently, the 360 Website Security Testing platform issued an emergency security notice: WebDAV, a widely used communication protocol, is affected by a high-risk directory write permission vulnerability. An attacker can upload arbitrary text files and, in combination with a server-side file parsing vulnerability, turn that into the upload of a WebShell, which at worst exposes the site's source code. According to sampling and analysis by 360 Website Security Testing, close to 60,000 sites across the country have this vulnerability; if attackers launch a mass attack, the consequences for a large number of sites will be disastrous.

WebDAV (Web-based Distributed Authoring and Versioning) is a communication protocol built on HTTP/1.1 that is typically used to publish and manage web resources. Windows 2000/XP, IE, Office and Dreamweaver all support WebDAV, which is part of why the vulnerability affects such a wide range of systems. Strictly speaking, the WebDAV vulnerability is a configuration defect: it was exposed years ago, but because some webmasters have relatively weak security awareness it remains widespread. According to the analysis by the 360 Website Security Testing platform, attackers target websites running on IIS with WebDAV enabled, and use four main attack methods:

1. Directly upload a Trojan file in text format.
2. Modify the site's existing files, for example its CSS stylesheets, to plant drive-by download code (挂马, "hanging a horse").
3. Use the MOVE method to upload an ASP Trojan: a file uploaded in text format is renamed to an .asp file via MOVE.
4. Combine the upload with the IIS 6.0 filename parsing vulnerability and upload a Trojan file named xxx.asp;aa.txt, which IIS 6.0 executes as ASP because it ignores everything after the semicolon.

Figure 1: With the MOVE command, any file can be uploaded.

Figure 2: The script executed successfully; had the uploaded file been a Trojan, the attack would have succeeded.

Given the scope of the WebDAV vulnerability and the fatal damage it can cause to a site, the 360 Website Security Testing platform immediately sent alert messages to its users. It strongly recommends that webmasters disable WebDAV (on IIS 6.0 this is done by prohibiting the WebDAV entry under Web Service Extensions in IIS Manager, and by removing the Write permission from the site's home directory) and regularly use the 360 security detection service to monitor the security status of their websites.
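As an added example (not part of the 360 notice or the original article), the following Python script gives a defender two checks for the weakness described above: it reads the `Allow` header returned by an HTTP `OPTIONS` request and reports which WebDAV write methods a directory advertises, and it scans IIS W3C extended log lines for the four attack patterns the article lists (direct PUT, overwriting a static asset, MOVE to rename an upload, and the `.asp;` semicolon trick). The log lines embedded below are constructed sample data in the IIS log layout, with made-up addresses and paths; the pattern labels are this example's own naming, not anything defined by IIS or by 360.

```python
"""Audit helpers for WebDAV write permission exposure on IIS (added example)."""
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set

# Methods that create or alter content: if an OPTIONS 'Allow' header lists them,
# the directory is writable over WebDAV.
WEBDAV_WRITE_METHODS = {"PUT", "DELETE", "MOVE", "COPY", "MKCOL", "PROPPATCH"}

# Static assets an attacker overwrites to plant drive-by download code (pattern 2).
STATIC_ASSET_EXT = (".css", ".js", ".htm", ".html")

# IIS 6.0 ignores everything after ';' in the filename, so 'xxx.asp;aa.txt'
# runs as ASP (pattern 4). Matched on any method: the PUT that plants the
# file and the GET that later invokes it.
SEMICOLON_TRICK = re.compile(r"\.asp;", re.IGNORECASE)


def writable_methods(allow_header: str) -> Set[str]:
    """Return the WebDAV write methods advertised in an OPTIONS 'Allow' header."""
    advertised = {m.strip().upper() for m in allow_header.split(",") if m.strip()}
    return advertised & WEBDAV_WRITE_METHODS


@dataclass
class Finding:
    time: str
    client_ip: str
    method: str
    path: str
    status: int
    pattern: str      # which of the article's four attack methods this matches
    succeeded: bool   # 2xx status: the server accepted the request


def classify(method: str, path: str) -> Optional[str]:
    """Map one request to an attack pattern from the article, or None if benign."""
    if SEMICOLON_TRICK.search(path):
        return "4: IIS 6.0 semicolon parsing (.asp;...)"
    if method == "MOVE":
        return "3: MOVE to rename an upload to .asp"
    if method == "PUT" and path.lower().endswith(STATIC_ASSET_EXT):
        return "2: overwrite of a static asset (hanging horse)"
    if method in WEBDAV_WRITE_METHODS:
        return "1: direct upload via a WebDAV write method"
    return None


def scan_iis_log(lines: Iterable[str]) -> List[Finding]:
    """Flag WebDAV write activity in IIS W3C extended log lines."""
    fields: List[str] = []
    findings: List[Finding] = []
    for raw in lines:
        line = raw.strip()
        if line.startswith("#Fields:"):
            fields = line[len("#Fields:"):].split()  # column layout for what follows
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # malformed line, or no #Fields header seen yet
        rec = dict(zip(fields, values))
        method = rec.get("cs-method", "").upper()
        path = rec.get("cs-uri-stem", "")
        pattern = classify(method, path)
        if pattern is None:
            continue
        try:
            status = int(rec.get("sc-status", "0"))
        except ValueError:
            status = 0
        findings.append(Finding(
            time=f"{rec.get('date', '')} {rec.get('time', '')}",
            client_ip=rec.get("c-ip", ""), method=method, path=path,
            status=status, pattern=pattern, succeeded=200 <= status < 300,
        ))
    return findings


# Constructed sample log (not a real capture): one benign GET, an OPTIONS probe,
# then the four attack patterns, and one PUT the server refused with 401.
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status
2012-09-05 10:01:02 10.0.0.5 GET /index.asp - 80 - 203.0.113.7 Mozilla/5.0 200
2012-09-05 10:01:09 10.0.0.5 OPTIONS / - 80 - 203.0.113.7 Microsoft-WebDAV-MiniRedir/5.1.2600 200
2012-09-05 10:01:15 10.0.0.5 PUT /upload/test.txt - 80 - 203.0.113.7 Microsoft-WebDAV-MiniRedir/5.1.2600 201
2012-09-05 10:01:21 10.0.0.5 MOVE /upload/test.txt - 80 - 203.0.113.7 Microsoft-WebDAV-MiniRedir/5.1.2600 201
2012-09-05 10:01:30 10.0.0.5 PUT /css/site.css - 80 - 203.0.113.7 Microsoft-WebDAV-MiniRedir/5.1.2600 204
2012-09-05 10:01:44 10.0.0.5 PUT /upload/xxx.asp;aa.txt - 80 - 203.0.113.7 Microsoft-WebDAV-MiniRedir/5.1.2600 201
2012-09-05 10:01:50 10.0.0.5 GET /upload/xxx.asp;aa.txt - 80 - 203.0.113.7 Mozilla/5.0 200
2012-09-05 10:02:01 10.0.0.5 PUT /upload/blocked.txt - 80 - 203.0.113.9 curl/7.26.0 401
"""

if __name__ == "__main__":
    allow = "OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPFIND, PROPPATCH, LOCK, UNLOCK"
    print("write methods advertised:", sorted(writable_methods(allow)))
    for f in scan_iis_log(SAMPLE_LOG.splitlines()):
        state = "ACCEPTED" if f.succeeded else "refused"
        print(f"{f.time} {f.client_ip} {f.method} {f.path} -> {f.status} {state} [{f.pattern}]")
```

Note that IIS does not log the `Destination` header of a MOVE request, so the log alone shows that a rename happened, not the new name; the follow-up GET of the renamed file (or of the `.asp;` path) is what confirms the shell was reached. A refused PUT (401 or 403) still indicates a client probing for writable WebDAV directories and is worth keeping in the findings, which is why `succeeded` is reported separately rather than used as a filter.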