Azure IIS Tilde "~" Vulnerebility

asked 2020-01-23T07:06:30.233+00:00
Chinz 2013 6 Reputation points

My client got a website and right now doing the penetration test. However my test keep failed on the windows short file disclosure issue. You can refer the link as i posted https://forums.iis.net/p/1248972/2158325.aspx?Re+IIS+Custom+Error+Page+not+working+for+

Each time enter https://www.website.com/*~1, my application will return Error 404 instead of custom error page. My client is using Azure VM Server 2012R2 and running IIS 8.5 at the moment.

I've tried the following:

1. Deny URL sequence with "~" in Request Filtering in IIS.  
2. Used URL rewrite with pattern (^[^\?]\~.\?.$)|(^[^\?]\~.*$), action: Abort Request  
3. Tried URLScan 3.1 but seem no more working for IIS 8.5.  
4. Tried with new project and create only 1 html file for test.  
5. Disabled NtfsDisable8dot3NameCreation under registry.  
6. Scanned c:\inetpub and there is 0 window short file name.  
7. Run windows update   

All above with no luck. If you got better solution,

Azure Virtual Machines
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
4,561 questions
No comments
1 vote