[Owasp-modsecurity-core-rule-set] About file upload with trojan horse detect

Ryan Barnett ryan.barnett at breach.com
Thu Aug 13 11:47:27 EDT 2009


On Thursday 13 August 2009 05:02:47 am Junyong Jiang wrote:
> Dear all,
>
> Right now, I have a problem with the file upload with trojan horse.
> Unfortunately, there are no modsecurity rules for checking the upload-file
> contents, either the file type.
>
> Could some one offer your own testing rules of detecting the "file upload
> with trojan horse" behavior for me to study?
>
> Thanks in advance.

Could you please provide more details about what the issue is?  I am guessing 
that you want to try and identify is a client uses a file upload interface 
(that your application offers) to upload a webpage that allows for executing OS 
commands, etc...  Is this accurate?  

-- 
Ryan C. Barnett
WASC Distributed Open Proxy Honeypot Project Leader
OWASP ModSecurity Core Rule Set Project Leader
Tactical Web Application Security
http://tacticalwebappsec.blogspot.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20090813/995feeea/attachment.html 


More information about the Owasp-modsecurity-core-rule-set mailing list