To avoid being exploitable by fuzzing attacks, it is important to secure all endpoints that should not be publicly accessible. Examples of such security measures are the following:
- Disable directory listing on your server. This can easily be done by adding "Options -Indexes" to the .htaccess file. If directory listing is enabled and a user navigates to a folder that contains no index file, the server returns a list of all files and folders in it instead.
- If you use version control to develop your application, never publish its metadata folders to your production or development servers. Folders such as .git and .svn contain all non-compiled files, including their development history, and give very detailed information on how the application works. These folders may also contain passwords, usernames and other credentials.
- If you have an admin endpoint, protect it with per-user credentials and strong passwords. In addition to a normal username/password form, such endpoints can be protected with HTTP Basic Auth configured in .htaccess.
- If you provide files on your web server, they should not be directly accessible by path. Instead of giving your users a URL like "http://www.example.com/files/invoice42.pdf", deliver the download over a URL like this: " ". This serves multiple purposes: the application can first confirm that the user is actually allowed to access this file, and the user cannot simply fuzz the folder directly to try to reach other files.
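The first two measures in the list (no directory listing, no version-control metadata in the document root) can be checked before a deployment goes live. The script below is an added example, not Crashtest Security's code: it walks a web root, reports any .git/.svn-style folders, and flags directories that have no index file and are not covered by an .htaccess that switches listing off with "Options -Indexes". It assumes Apache-style per-directory .htaccess files whose Options directive is inherited until a deeper .htaccess overrides it, the index file names given, and that listing counts as enabled unless something disables it; the sample web root is constructed in a temporary directory.

```python
"""Pre-deployment audit of a web root for two exposures from the list above:
version-control metadata folders (.git, .svn, ...) left inside the document
root, and directories that would be listable because they hold no index file
and no .htaccess at or above them switches listing off with "Options -Indexes".

Added example, not Crashtest Security's code. Assumptions: an Apache-style
per-directory .htaccess whose Options directive is inherited by subdirectories
until a deeper .htaccess overrides it, the index file names below, and that
listing counts as enabled unless something disables it.
"""
import os
import re
import tempfile

VCS_DIRS = {".git", ".svn", ".hg", ".bzr"}
INDEX_FILES = {"index.html", "index.htm", "index.php"}
OPTIONS_LINE = re.compile(r"^\s*Options\b(?P<args>.*)$", re.IGNORECASE | re.MULTILINE)


def listing_setting(directory):
    """True/False if this directory's .htaccess turns Indexes on/off, None if silent."""
    try:
        with open(os.path.join(directory, ".htaccess"), encoding="utf-8", errors="replace") as fh:
            text = fh.read()
    except OSError:
        return None
    decision = None
    for match in OPTIONS_LINE.finditer(text):
        for token in match.group("args").split():
            if token.lstrip("+-").lower() == "indexes":
                decision = not token.startswith("-")  # "-Indexes" => listing off
    return decision


def audit_webroot(root):
    """Return (vcs_dirs, listable_dirs) as sorted lists of /-separated relative paths."""
    root = os.path.realpath(root)
    vcs_dirs, listable = [], []
    for current, dirnames, filenames in os.walk(root):
        rel = os.path.relpath(current, root).replace(os.sep, "/")
        rel = "" if rel == "." else rel
        for name in dirnames:
            if name in VCS_DIRS:
                vcs_dirs.append(f"{rel}/{name}" if rel else name)
        # Do not descend into metadata folders; reporting them once is enough.
        dirnames[:] = [d for d in dirnames if d not in VCS_DIRS]
        if INDEX_FILES & set(filenames):
            continue  # an index file is served, nothing to list
        # The nearest .htaccess that mentions Indexes decides, walking up to the root.
        decision, directory = None, current
        while decision is None:
            decision = listing_setting(directory)
            if directory == root:
                break
            directory = os.path.dirname(directory)
        if decision is None or decision:
            listable.append(rel or ".")
    return sorted(vcs_dirs), sorted(listable)


def build_sample_webroot():
    """Constructed layout for the demo: returns the path of a temporary web root."""
    root = tempfile.mkdtemp(prefix="webroot-")
    files = {
        ".htaccess": "Options -Indexes\n",                 # listing off for the whole tree
        "index.html": "<h1>home</h1>\n",
        ".git/HEAD": "ref: refs/heads/main\n",             # repository metadata shipped by mistake
        "files/invoice42.pdf": "%PDF-1.4 constructed\n",   # no index, but covered by root .htaccess
        "uploads/.htaccess": "Options +Indexes\n",         # re-enables listing for this folder
        "uploads/photo.jpg": "constructed\n",
        "app/index.php": "<?php echo 'app'; ?>\n",
        "app/.svn/entries": "12\n",
    }
    for rel, content in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    vcs, listable = audit_webroot(build_sample_webroot())
    print("VCS metadata in web root:", vcs)    # ['.git', 'app/.svn']
    print("Listable directories:", listable)   # ['uploads']
```

Run it against a staging copy of the document root; anything in the first list must be deleted before deployment, and anything in the second needs either an index file or an .htaccess with "Options -Indexes".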
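The last item describes an indirect download: the client presents an opaque identifier, the server checks that the logged-in user owns the file and only then resolves the identifier to a path it chose itself. The following is an added example of that design, not Crashtest Security's code. The FileStore class, the "id" query parameter and the session-user argument are assumptions standing in for whatever the application's framework provides, and the users and invoice are constructed.

```python
"""Indirect file download: the client presents an opaque identifier, the
server checks ownership and resolves the identifier to a path it chose itself.

Added example, not Crashtest Security's code. The FileStore, the "id" query
parameter and the session-user argument are assumptions standing in for
whatever the application's framework provides.
"""
import os
import secrets
import tempfile
from urllib.parse import parse_qs


class FileStore:
    def __init__(self, storage_root):
        self.storage_root = os.path.realpath(storage_root)
        self._records = {}  # file_id -> (owner, absolute path)

    def add(self, owner, content):
        """Store content and return a random 128-bit identifier for it."""
        file_id = secrets.token_urlsafe(16)
        path = os.path.join(self.storage_root, file_id)  # server-chosen name, never user input
        with open(path, "wb") as fh:
            fh.write(content)
        self._records[file_id] = (owner, path)
        return file_id

    def fetch(self, requester, file_id):
        """Return file bytes; raise FileNotFoundError for unknown or foreign ids."""
        record = self._records.get(file_id)
        # One answer for "no such id" and "not yours": a client that fuzzes
        # identifiers learns nothing about which ones exist.
        if record is None or record[0] != requester:
            raise FileNotFoundError(file_id)
        _owner, path = record
        real = os.path.realpath(path)
        # Defence in depth: the path came from our own table, but refuse anything
        # that resolves outside the storage root (e.g. a symlink planted later).
        if os.path.commonpath([real, self.storage_root]) != self.storage_root:
            raise FileNotFoundError(file_id)
        with open(real, "rb") as fh:
            return fh.read()


def handle_download(store, session_user, query_string):
    """Request handler for /download?id=...; returns (HTTP status, body)."""
    if session_user is None:
        return 401, b""
    file_id = parse_qs(query_string).get("id", [""])[0]
    try:
        return 200, store.fetch(session_user, file_id)
    except FileNotFoundError:
        return 404, b""


def run_demo():
    """Constructed scenario: alice owns one invoice; bob and an anonymous client try too."""
    store = FileStore(tempfile.mkdtemp(prefix="filestore-"))
    invoice_id = store.add("alice", b"%PDF-1.4 constructed invoice 42")
    return {
        "owner": handle_download(store, "alice", f"id={invoice_id}")[0],        # 200
        "other_user": handle_download(store, "bob", f"id={invoice_id}")[0],     # 404
        "anonymous": handle_download(store, None, f"id={invoice_id}")[0],       # 401
        "guessed_id": handle_download(store, "bob", "id=invoice42")[0],         # 404
        "traversal": handle_download(store, "bob", "id=../../etc/passwd")[0],   # 404
        "owner_body": handle_download(store, "alice", f"id={invoice_id}")[1],
    }


if __name__ == "__main__":
    for case, result in run_demo().items():
        print(f"{case}: {result}")
```

Two details carry the protection: the identifier is random and long enough that walking through candidate values is pointless, and the identifier is only ever a dictionary key, so no part of the request is used to build a filesystem path.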
If you are facing an issue that is not covered in our guides, we are happy to include a solution here. Please send us an e-mail to firstname.lastname@example.org.
Crashtest Security is a Munich, Germany-based start-up that redefines web application vulnerability scans. The Crashtest Security Suite differentiates itself as a fully automated vulnerability scanner enhanced with artificial intelligence, developed for the needs of agile developers and SecDevOps. It provides clear vulnerability insights as well as contextual, actionable insights for risk mitigation.
For more information visit https://crashtest-security.com