Microsoft IIS directory enumeration

Description

Kayran has detected the Microsoft IIS directory enumeration vulnerability.
By using the tilde character (“~”) in a GET or OPTIONS requests, it allows “guessing” short names and extensions of files and directories which have an 8.3 file naming scheme equivalent in Windows versions of Microsoft IIS.

Such vulnerability may lead to an issue especially for .Net based websites which are vulnerable to direct URL access (also known as path aliasing).
An attacker could find important files and folders that are not supposed to be accessible (and visible) to everyone.

Recommendation

To prevent this vulnerability, make sure to discard all web requests that are using the tilde character (“~”).
Also, add a registry key named :  
NtfsDisable8dot3NameCreation
to
HKLM\SYSTEM\CurrentControlSet\Control\FileSystem

Set the value of the key to 1 to mitigate all 8.3 name related conventions found on the server.

References

https://social.msdn.microsoft.com/Forums/en-US/3772293e-b91c-42e6-8516-9bf6184238b6/directory-enumeration-possible-on-web-server?forum=iissecurity

< Return to all Vulnerabilities

Active Directory Hacking

What does Active Directory mean? The Active Directory infrastructure is a critical infrastructure in most organizations, and it forms the backbone of the organization’s computing

Read More »

What is a CWE ?

Similar to the article written on CVEs, in this article we will answer the questions :What is CWE ? and, what is the difference between

Read More »