.NET Secure File Handling

HomeSecure Programming Exercises.NET Secure File Handling

.NET Secure File Handling

The files that are stored in subdirectories are vulnerable to path traversal attacks. Extract the file name from the input, and use the Path class to limit files to a particular directory.

Objective

This lab provides information about how to secure files from path traversal attack effects with a resource injection code attack on all available URLs, and it teaches how to:

.NET Secure File Handling

Implement the classes available in the System.IO namespace to secure files

Scenario

To manipulate and secure unmanaged files, you must really understand how the System.IO works. .NET framework allows you to manipulate files including read, write, and append. The System.IO namespace contains various classes for file handling that allow reading and writing of files and data streams, and also provides basic file and directory support.

.NET Secure File Handling

Secure Programming Exercises / .NET Secure File Handling contains the following Exercises:

Protect Files from Path Traversal Attacks
Protecting Applications against Canonicalization Attacks
Securing Your Static Files
Adding Role Checks to File Access
Reliable Ways of Securing File I/O
Virtual Path Mapping Using MapPath
Secure File Extension Handling

The Virtual Private Cloud for this Lab set utilizes:

Microsoft Windows Server 2008Steve Graham2014-08-14T17:55:19-04:00

Permalink
Gallery
Microsoft Windows Server 2008

Secure Programming Exercises are available as part of the following subscription:

CEHproductimage

Each subscription provides 6 months access to 68 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Secure Programming Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.

Lab exercises are included for:

Input Validation and Output Encoding
.NET Authentication and Authorization
Secure Session and State Management
.NET Cryptography
.NET Error Handling, Auditing, and Logging
.NET Secure File Handling
.NET Configuration Management and Secure Code Review

Price: $199

Add to Cart

View Cart

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Others