a.) Leaving a web.configBACKUP.txt file sitting in the root folder. Suddenly your connection strings are accessible on the internet!!!
b.) Leaving a index.php.bak file out in the web folder. Suddenly your server-side php code could be accessible to the attacker!!!
c.) Leaving a db.mdb.bak out in the web folder. Suddenly a copy of your database is accessible!!!
The bad news is, I've seen developers do this on purpose and accident. It might even get checked into their source control and then auto-deployed out! I've also seen SysAdmins do this too for example when they're doing a website update or perhaps troubleshooting a Production issue. It's CRITICAL that as developers and sysadmins you clean-up/remove your backup file artifacts from production.
The bad guys can use this to grab passwords, data, code, and much more that could allow them to get just enough information to break into your system.
The even worse news? I see bad guys running generic random queries across the entire internet searching for these .bak , .backup, etc. files, so if you have one our there already, they may have already found it and utilized it against you. So take the time to clean your production server now, and remember to put a process in place so those files never get out there again!
More about neonprimetime
Top Blogs of all-time
- pagerank botnet sql injection walk-thru
- DOM XSS 101 Walk-Through
- An Invoice email and a Hot mess of Java
Top Github Contributions
Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.