Security on upload directories

Forum Moderators: coopster

Message Too Old, No Replies

Security on upload directories

surfgatinho

8:07 pm on Sep 22, 2006 (gmt 0)

Have recently found some strange files uploaded to an image directory with 777 permissions.
What I'm wondering is a)what permissions should be set to allow a script to upload pics to a directory and b) how did anyone manage to get these files on to my server. I've tried using a copy() function and won't let me so does this mean they have some kind of user level access?

Thanks in advance

dreamcatcher

11:03 pm on Sep 22, 2006 (gmt 0)

Hi surfgatinho,

I had a similar problem occur earlier this year when a site running an insecure script caused an invulnerability to write files to all directories that were writeable. It affected all files on the server. My hosting company ran a check to rename the files, but I still had to go through all the dirs and remove the files.

Are you on a shared hosting server? Might be another site that has caused the problem. If you are, contact your hosting company.

Psychopsia

11:11 pm on Sep 22, 2006 (gmt 0)

Hi dreamcatcher

About shared server:
So, if another account is hacked, my account can be affected?

jatar_k

11:13 pm on Sep 22, 2006 (gmt 0)

yes, it is very possible

Psychopsia

11:16 pm on Sep 22, 2006 (gmt 0)

But only if the hacker have root access, or with upload injection too?

surfgatinho

10:15 am on Sep 23, 2006 (gmt 0)

So the problem is with a script somewhere on this site or server?

I'd like to fix this, but am also intrigued how this is done. The site is running an open source CMS so there probably is an dodgy script on there somewhere. Any idea what kind of thing I should be on the look out for, i.e. would it be a form/image upload type scipt?