Risk of File upload functionality in Application
================================================
* Overwrite an existing file with the same name - To deface the website by replacing an existing page, or to cause the website to function incorrectly.
* Upload a malicious file - It could contain an exploit, backdoor, virus, malware or Trojan which could be used to gain control of the web server.
* Upload a file with a very large size - To exhaust the server's memory with rubbish data, as in a DoS attack.

File upload security best practices and protections
===================================================
* Validate the format and extension of uploaded files against a white-list of permitted file types.
* Validate the Content-Type header against a white-list.
* The application should set a maximum file size and file name length to prevent DoS attacks.
* Sanitize the filename before writing the file to disk to prevent buffer overflow attacks.
* Keep uploaded files separate from the webroot directory. Use cloud-based storage or a content management system to store uploaded files, so that attackers cannot execute the file via a website URL.
* Ensure the path or directory to which files are uploaded has read and write permissions only; it should not have execute permission.
* Rename files after upload to make it harder for an attacker to locate them. Implement a method of indirection when serving the uploaded content back to the browser, so the content is not referenced by its name from the original upload.
* Use a virus scanner to scan files before they are opened.
* Files such as Microsoft Office, PDF and image files can have embedded threats in scripts and macros, even if these are not detected by anti-malware engines. It is best practice to remove any possible embedded objects by using a feature called content disarm and reconstruction (CDR).
* Display a generic error message for file uploads and do not include directory paths. Revealing the path can be especially dangerous because the file could be executed immediately after uploading.
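
The following is an added example, not code from the original page, showing how several of the checks above combine in one server-side upload handler. The function name ``store_upload``, the allow-list contents, the size limits and the storage directory are assumptions chosen for illustration.

```python
import os
import secrets
import tempfile

# Assumed policy values for this example; adjust to the application's needs.
ALLOWED = {".png": "image/png", ".jpg": "image/jpeg", ".pdf": "application/pdf"}
MAGIC = {".png": b"\x89PNG\r\n\x1a\n", ".jpg": b"\xff\xd8\xff", ".pdf": b"%PDF-"}
MAX_BYTES = 2 * 1024 * 1024
MAX_NAME_LEN = 100


class UploadRejected(Exception):
    """Carries a generic message only: no paths, no internal detail."""


def store_upload(client_name, content_type, data, upload_dir):
    """Validate an upload and store it under a random name; return that name."""
    # Sanitize: drop any directory part the client sent (both separator styles).
    name = os.path.basename(client_name.replace("\\", "/"))
    if not name or len(name) > MAX_NAME_LEN or "\x00" in name:
        raise UploadRejected("Upload failed.")
    ext = os.path.splitext(name)[1].lower()
    # Extension and Content-Type must both be on the allow-list and agree.
    if ext not in ALLOWED or ALLOWED[ext] != content_type:
        raise UploadRejected("Upload failed.")
    # Size limit (a real server should also cap the request body while reading).
    if len(data) > MAX_BYTES:
        raise UploadRejected("Upload failed.")
    # Format check: the leading bytes must match the claimed file type.
    if not data.startswith(MAGIC[ext]):
        raise UploadRejected("Upload failed.")
    # Random stored name: cannot collide with an existing page, hard to locate.
    stored = secrets.token_hex(16) + ext
    path = os.path.join(upload_dir, stored)
    # O_EXCL refuses to overwrite; mode 0o600 is read/write only, no execute bit.
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return stored


if __name__ == "__main__":
    demo_dir = tempfile.mkdtemp()  # stand-in for a directory outside the webroot
    png = MAGIC[".png"] + b"constructed sample bytes"
    print(store_upload("../../index.png", "image/png", png, demo_dir))
```

The returned name is what the application records and later maps to a download through its own lookup, so the client-supplied name never reaches the filesystem. Virus scanning and CDR would run on the stored file before it is served.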