Common Directories Detection

info Web App Scanning Plugin ID 98072

Synopsis

Common Directories Detection

Description

The scanner has detected a common directory on the remote web server.

Web applications are often made up of many files and directories. Over time, some directories may become unreferenced (no longer used) by the web application and forgotten by the administrator or developer. Because web applications are built on common frameworks and servers, they contain predictably named directories that can be discovered regardless of the underlying server software.

During the initial reconnaissance stages of an attack, attackers attempt to locate unreferenced directories in the hope that their contents (backups, old code, administrative interfaces, upload areas) will assist in further compromise of the web application. To achieve this, they make thousands of requests using word lists of common directory names. The server's response, chiefly the HTTP status code and headers such as Location, then indicates whether the directory exists: a 200 or a redirect to the same path with a trailing slash confirms it, and a 401 or 403 denies access but still confirms that the path is present.
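The following script illustrates the probing and inference just described. It is an added example written for this page, not Tenable's plugin code; the short word list, the hypothetical host http://target.example and the canned responses it is run against are constructed assumptions. The interesting part is that existence is inferred by comparing each response with a baseline request for a random, certainly absent name, so that catch-all "soft 404" pages, blanket 403s and catch-all redirects are not mistaken for discovered directories.

```python
"""Forced browsing (predictable resource location) with a soft-404 baseline.

Added example for this page, not the plugin's own code. The word list, the
hypothetical target http://target.example and the canned responses below are
constructed assumptions; urllib_fetch() is provided for use against a real
host you are authorised to test, but is not called here.
"""
import secrets
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, Optional


@dataclass(frozen=True)
class Response:
    status: int
    location: Optional[str]  # Location header, if the server sent one
    body_len: int            # length of the body in bytes


Fetcher = Callable[[str], Response]

# Deliberately short word list; real scanners use thousands of entries.
COMMON_DIRS = ["admin", "backup", "cgi-bin", "old", "uploads", "test"]


def urllib_fetch(url: str) -> Response:
    """Fetch one URL without following redirects, so 301/302 stay visible."""
    class NoRedirect(urllib.request.HTTPRedirectHandler):
        def redirect_request(self, req, fp, code, msg, headers, newurl):
            return None  # returning None makes urllib raise HTTPError instead
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(url, timeout=5) as r:
            return Response(r.status, r.headers.get("Location"), len(r.read()))
    except urllib.error.HTTPError as e:  # 3xx/4xx/5xx all land here
        return Response(e.code, e.headers.get("Location"), len(e.read()))


def classify(path: str, resp: Response, baseline: Response) -> str:
    """Decide from one response whether /<path> exists on the server.

    baseline is the response to a random name that certainly does not exist;
    anything indistinguishable from it proves nothing about the probed path.
    """
    if resp.status == 404:
        return "absent"
    # Same status, same redirect target and (near) same body size as the
    # random-name baseline: a catch-all page, blanket deny or catch-all
    # redirect. The 32-byte tolerance allows for error pages that echo the
    # requested path into the body.
    if (resp.status == baseline.status
            and resp.location == baseline.location
            and abs(resp.body_len - baseline.body_len) <= 32):
        return "absent"
    if resp.status in (301, 302, 307, 308):
        # Apache's DirectorySlash redirects /admin to /admin/ only if the
        # directory is really there; a redirect elsewhere proves nothing.
        if (resp.location or "").endswith(f"/{path}/"):
            return "exists-redirect"
        return "inconclusive"
    if resp.status in (401, 403):
        return "exists-protected"  # denied, but the path is disclosed
    if resp.status == 200:
        return "exists"
    return "inconclusive"


def probe(base_url: str, words: Iterable[str], fetch: Fetcher) -> Dict[str, str]:
    """Request each candidate directory and return the non-absent verdicts."""
    random_name = "zz" + secrets.token_hex(8)  # models a path that cannot exist
    baseline = fetch(f"{base_url}/{random_name}")
    results: Dict[str, str] = {}
    for word in words:
        verdict = classify(word, fetch(f"{base_url}/{word}"), baseline)
        if verdict != "absent":
            results[word] = verdict
    return results


# Constructed offline stand-in for a server: Apache-style trailing-slash
# redirect, two forbidden directories, one listable one, and a friendly
# 200 page for everything else (a "soft 404").
BASE = "http://target.example"  # hypothetical host
SOFT_404 = Response(200, None, 1312)
CANNED = {
    f"{BASE}/admin":   Response(301, f"{BASE}/admin/", 233),
    f"{BASE}/backup":  Response(403, None, 199),
    f"{BASE}/cgi-bin": Response(403, None, 199),
    f"{BASE}/uploads": Response(200, None, 4096),
}


def canned_fetch(url: str) -> Response:
    return CANNED.get(url, SOFT_404)


if __name__ == "__main__":
    for name, verdict in probe(BASE, COMMON_DIRS, canned_fetch).items():
        print(f"/{name}: {verdict}")
```

Against a live host, replace canned_fetch with urllib_fetch; the classification logic is unchanged. Note that a 403 is reported as a finding: access control hides the contents, not the existence of the directory, which is the point made in the Solution section below.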

Solution

If directories are unreferenced, they should be removed from the web root and/or the application directory.
Requiring authentication may also be an option and can stop a client from viewing the contents of a directory; however, a 401 or 403 response still confirms that the path exists, so the directory structure is likely to remain discoverable.
Using obscure directory names is 'security through obscurity' and is not a recommended option.

See Also

http://httpd.apache.org/docs/2.0/mod/mod_access.html

http://projects.webappsec.org/w/page/13246953/Predictable%20Resource%20Location

https://www.nginx.com/resources/admin-guide/restricting-access-auth-basic/

https://www.owasp.org/index.php/Forced_browsing

Plugin Details

Severity: Info

ID: 98072

Type: remote

Family: Web Servers

Published: 3/31/2017

Updated: 1/3/2024

Scan Template: api, basic, full, pci, scan