Click here to download the paper.
Two security issues have been reported via this security research:
1- IIS Short File/Folder Name Disclosure by using tilde “~” character:
2- .Net Framework Tilde Character DoS:
Workaround and Prevention:
We are working with security vendors to come up with a solution to mitigate the risk of these vulnerabilities. The paper PDF file will be updated accordingly.
IIS Shortname Scanner PoC – Source Code: http://code.google.com/p/iis-shortname-scanner-poc/
PoC Video:
Click here to download the paper.
Download Link:
http://soroush.secproject.com/downloadable/microsoft_iis_tilde_character_vulnerability_feature.pdf
This is because of the underlying Windows APIs called for retrieving the filename.
Same issues are available in PHP on a Windows server and have already been reported.
awesome discovery
Pingback: IIS短文件和文件夹泄漏漏洞 | we8i
hey,
I just found it also perfectly working on .net 4.0 as well.
interesting…
is it enough to install .net 4 on web server? or website must be running under .net 4 as well?
Pingback: [email protected] » IIS短文件和文件夹泄漏漏洞
can this method find folder ?
i think that this method is possible to find file only
how do this method find folder?
i don’t know understand
Cheers for useful content in your blog post Microsoft IIS tilde character “~” Vulnerability/Feature – Short File/Folder Name Disclosure.
..
Best regards.
Any patch yet? Can’t find information about it..
Thanks
This has been accepted as a feature by Microsoft. There is no patch and you have to follow the best practices.