[Owasp-modsecurity-core-rule-set] About file upload with trojan horse detect

Ryan Barnett ryan.barnett at breach.com
Thu Aug 13 11:47:27 EDT 2009

On Thursday 13 August 2009 05:02:47 am Junyong Jiang wrote:
> Dear all,
> Right now, I have a problem with the file upload with trojan horse.
> Unfortunately, there are no modsecurity rules for checking the upload-file
> contents, either the file type.
> Could some one offer your own testing rules of detecting the "file upload
> with trojan horse" behavior for me to study?
> Thanks in advance.

Could you please provide more details about what the issue is?  I am guessing 
that you want to try and identify is a client uses a file upload interface 
(that your application offers) to upload a webpage that allows for executing OS 
commands, etc...  Is this accurate?  

Ryan C. Barnett
WASC Distributed Open Proxy Honeypot Project Leader
OWASP ModSecurity Core Rule Set Project Leader
Tactical Web Application Security
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20090813/995feeea/attachment.html 

More information about the Owasp-modsecurity-core-rule-set mailing list