Directory Browsing

Vulnerability Name: Directory Browsing on [Domain name]

Vulnerability Description: The application is vulnerable to directory browsing. The web server is misconfigured to allow directory indexing, which exposes every file and subdirectory stored within the affected directory. Directory browsing may expose information that attackers can use to learn about vulnerabilities in the application or infrastructure.

[Don't forget to add your own vulnerability description; the one given above is a general description]

Steps to Reproduce: [Create your own according to the workflow of website]

Proof-of-concept: Snapshots or video link attached

Impact: Users may be able to access sensitive information on the web server by browsing directly to the directory listing. The files contained within the directory may reveal sensitive information or provide attackers with information regarding versions, platform information, and source code that may help uncover vulnerabilities in the application or infrastructure.

Attack Scenario: [Create your own according to the workflow of website]

Remediation:

  1. Configure the web server to disallow directory browsing unless specifically required. Ensure sensitive information is removed from application directories and utilize access control lists to prevent access when necessary.

    In IIS:

    Open IIS Manager and navigate to the level you want to manage. In Features View, double-click Directory Browsing. In the Actions pane, click Disable if the Directory Browsing feature is enabled.

    In Apache:

    Add the following line to your .htaccess file:

    Options -Indexes
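    As an added example (not part of this template, and not code from any vendor), a small Python check a defender can run against their own server after applying the remediation, to confirm that directories now return a 403/404 or a normal page instead of an index listing. The index-page signatures are assumptions based on the default Apache/nginx autoindex and IIS Directory Browsing templates, and the sample responses below are constructed.

```python
import re
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

@dataclass
class ListingResult:
    path: str
    listing: bool
    server_hint: str = ""
    entries: List[str] = field(default_factory=list)

# Signatures of common index modules (assumed from their default templates).
_AUTOINDEX = re.compile(r"<(?:title|h1)>\s*Index of\s+/", re.I)  # Apache mod_autoindex, nginx autoindex
_IIS = re.compile(r"\[To Parent Directory\]", re.I)             # IIS Directory Browsing
_HREF = re.compile(r'<a\s+href="([^"?#]+)"', re.I)

def detect_listing(path: str, status: int, body: str) -> ListingResult:
    """Classify one response: only a 200 carrying an index-page signature is a
    listing; a 403/404 or an ordinary page means indexing is off for that path."""
    if status != 200:
        return ListingResult(path, False)
    if _AUTOINDEX.search(body):
        hint = "apache/nginx autoindex"
    elif _IIS.search(body):
        hint = "iis directory browsing"
    else:
        return ListingResult(path, False)
    # Collect linked names, dropping the parent-directory link and Apache sort links.
    entries = [h for h in _HREF.findall(body)
               if h not in ("../", "/") and not path.startswith(h)]
    return ListingResult(path, True, hint, entries)

Fetch = Callable[[str], Tuple[int, str]]

def audit(fetch: Fetch, paths: List[str]) -> Dict[str, ListingResult]:
    """Run detect_listing over each path with an injected fetcher (urllib in
    production, canned responses here) and return only the paths still exposed."""
    results = {p: detect_listing(p, *fetch(p)) for p in paths}
    return {p: r for p, r in results.items() if r.listing}

# Constructed sample responses (not captured from any real server).
SAMPLE_RESPONSES = {
    "/backup/": (200, '<html><head><title>Index of /backup</title></head><body>'
                      '<h1>Index of /backup</h1><a href="?C=N;O=D">Name</a>'
                      '<a href="/">Parent Directory</a><a href="db.sql">db.sql</a>'
                      '<a href="old/">old/</a></body></html>'),
    "/uploads/": (200, '<html><head><title>srv - /uploads/</title></head><body>'
                       '<H1>srv - /uploads/</H1><A HREF="/">[To Parent Directory]</A>'
                       '<A HREF="/uploads/id.pdf">id.pdf</A></body></html>'),
    "/static/": (403, "<html><body><h1>Forbidden</h1></body></html>"),
    "/": (200, "<html><head><title>Home</title></head><body>Welcome</body></html>"),
}

def sample_fetch(path: str) -> Tuple[int, str]:
    return SAMPLE_RESPONSES[path]
```

    Replace sample_fetch with a function that performs the real GET against your own host; any path returned by audit still needs the Options -Indexes / IIS Disable fix applied.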

References:

OWASP https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Directory_Indexing

CWE-548 https://cwe.mitre.org/data/definitions/548.html