iusr_<srvr> has read/write permissions to wwwroot\<folder> and to a SQL Server db; can this be easily exploited?

We have an application where the iusr_<srvr> has write NTFS
permissions to a folder under the wwwroot (i.e. wwwroot\folder) and
also there is a SQL Server database where we must give the iusr_<srvr>
read and write permissions on the database in order for the
application to work. Anonymous access is enabled on the default web
site where this web app is located.

Because we are using the iusr, is there simple exploit code that could
allow someone to, for example, write a script that uses the anonymous user
to exercise the permissions that iusr has?

I was under the impression that the iusr was used "when NT can't find
a user to use and anonymous access is enabled".

Is there a gaping hole in security, or is the "use/exploitation" of the
iusr protected/limited?

Thanks
Jul 19 '05 #1
Hi,

When IIS wishes to access resources (e.g. files on the disk) it needs to
impersonate a Windows user account. That account's permissions are checked
against the NTFS ACL on the resource in question. If you are forcing the
user to authenticate, then the supplied user credentials are used. If you
are using anonymous authentication, then IIS will impersonate the nominated
account (IUSR_<machinename>).

Whether this is exploitable or not depends on a lot of things:
a) Do you have exploitable code? Can someone use SQL injection, XSS or
similar to get your application to do something that you don't want? If so,
then they can use whatever permissions you have given IUSR to manipulate the
file system.

b) Is your server properly configured? Have you secured WebDAV (for
example)? If your server itself is not secured, then the attacker can use
whatever permissions IUSR has to make changes to the file system.

Cheers
Ken

Jul 19 '05 #2
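A defender-side check for the situation Ken describes, added here as an example and not part of either post: it walks the web root and reports every folder where the anonymous account (matched on the IUSR_ naming convention) or a broad group it typically belongs to (Everyone, Guests, Users) holds write-capable NTFS rights. The web root path and the group list are assumptions to adjust for the site in question.

```powershell
# Added example (not from the thread): report web-root folders writable by the
# anonymous IIS account or by broad groups that account is normally a member of.
# $WebRoot is an assumed path; set it to the site's actual home directory.
$WebRoot = 'C:\inetpub\wwwroot'

# Identities to flag. IUSR_<machinename> is matched by prefix; Everyone, Guests
# and Users are included because IUSR_ inherits whatever those groups are granted.
$FlagIdentity = '(\\IUSR_|^Everyone$|\\Guests$|\\Users$)'

# Any of these rights lets content be created or altered under the folder.
$WriteMask = [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

# Include the web root itself, then every folder beneath it.
$Folders = @(Get-Item -Path $WebRoot) + @(Get-ChildItem -Path $WebRoot -Directory -Recurse)

$Findings = foreach ($folder in $Folders) {
    (Get-Acl -Path $folder.FullName).Access |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $_.IdentityReference.Value -match $FlagIdentity -and
            (($_.FileSystemRights -band $WriteMask) -ne 0)
        } |
        ForEach-Object {
            [pscustomobject]@{
                Folder    = $folder.FullName
                Identity  = $_.IdentityReference.Value
                Rights    = $_.FileSystemRights
                Inherited = $_.IsInherited   # $false means the ACE was set explicitly here
            }
        }
}

if ($Findings) {
    $Findings | Format-Table -AutoSize
} else {
    Write-Output "No write-capable ACEs for flagged identities under $WebRoot"
}
```

Each row is a location where content served by the site can be changed by anything running as the anonymous account, so the list should be exactly the folders the application genuinely needs (such as the single upload folder in the question) and nothing else; explicit, non-inherited entries outside that set are the ones to review first.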
