Many movie websites, forums or other organizations allow users to upload movies or exchange files to facilitate members or members to upload, because only allow this permission, users can upload files, but this permission in the FTP server allows breakpoints to be transmitted, can cause a lot of problems.
FTP server programs that allow breakpoints to be transmitted again must support a "Rest" command, if the command is used before the upload command (send command) to tell the FTP server that the file I am uploading will be written from the location of the file that exists in the FTP server.
Suppose there is a file Readme.txt in the FTP server, the file size is 1000 bytes, connect to this FTP server (assuming I have write permission, FTP server is to support breakpoint retransmission), I also have a local name Readme.txt file, file size of 500 bytes Well, I started doing bad things.
1, connected to this FTP server (with the system from the ftp://ftp.exe/, in the intranet may not be used, because the ftp://ftp.exe/with the port mode)
2, dir (view Readme.txt size, determined is 1000 bytes)
3. Quote Rest 1000 (Tell the FTP server that the file I am going to send is starting from file location 1000)
4, Send Readme.txt
5, dir (see Readme.txt size again, now README.) TXT becomes 1500 bytes.)
Why is the Readme.txt getting bigger? Very simple, because my local Readme.txt 500 bytes uploaded successfully, and written to the FTP server in the presence of the 1000 bytes Readme.txt file. The problem is that in the second command, if there is no second command, my 4th command (Send Readme.txt) will get a permission deny error, and the second command is to have the FTP server trust the operation that we are going to make a breakpoint again, without the second command, The FTP server will assume that we are doing an operation that covers the original file (the original file operation requires additional permissions before it can be performed).
Here, we should understand the meaning of the topic, through very simple operation, any user with write permission, can change other users upload files, this alone, there is a large security loophole. If you're uploading an important file, arbitrary modifications can cause the file to be completely corrupted, and if it is an executable or some zip or rar file, will there be some genius lunatic who is familiar with the various file structures, adding some malicious code to those files, causing the executor system to be compromised or executing their backdoor code or something else, Since I'm not familiar with these file structures, I'm just saying this is an unknown number.
But in the computer world, a lot of impossible things in the end are made possible, so I can not make a conclusion. But can only damage to the file, it is very destructive, think of a 500M film and television files, was added byte into the words, it is estimated that can no longer be viewed, the program to play these files will generally say that is not a legitimate film and television files, can not play and so on. As for Zip,rar and other documents, WinZip or WinRAR will certainly say that the compressed file has been damaged, CRC check code is wrong and so on.
This problem only exists in the FTP service that allows breakpoints to be transmitted again, but now 90% of FTP services are allowed to be transmitted again, so this problem exists on a universal FTP server.
If you must upload permissions to the user, the best way to prevent the user is to create a directory for him, the user's permissions are completely locked in this directory, then the user does not have the right to view other users of the directory, that is, can not cause the above mentioned damage.
As mentioned above in the Serv-u V4.0 test, the test platform is win 2K Server. If there is no such problem with other FTP service programs, that is not covered in this article. Now the Windows system to set up an FTP server, using the most popular or serv-u, so administrators should pay more attention. This article is not to teach people to do bad things, if you use this method to destroy FTP server files, the only person responsible is you. Quote the words of a Cologne novel: "The knife itself is not wrong, the wrong is to take its hand."