Is Symlink Attack A threat For Web Hosting Companies?


A Symlink Aka symbolic link is a virtual link pointing to a file in a directory. In shared Linux environment hard disk space in divided in several parts for different account. When proper security measures are not taken it may happen a shared hosting account can take over to another shared hosting account on same server by launching symlink attack. Certain measures have been taken by companies to block these types of attack and they have build their own private patches to harden server security. But what are you doing to stop symlink? Search online you will get solutions like blocking follow symlink or changing some settings in httpd.conf. Enough post or solutions are still not available online to provide full proof security. There are many ways and means to bypass those settings and initiate symlink attacks to break server security but I am not going to explain how to do it. Lets see how this attack can be initiated.

How It’s Done?

Well just by passing a proper symlink query will do the job.


ln -s target_file_path new_file_name

Suppose you have a site a WordPress site on a cpanel server and its user is xyz and another user just have to run ln -s /home/xyz/public_html/wp-config.php wo.txt to get that file. This will get full source code of that file and known as full file disclosure vulnerability. Run the symlink attack on your server to make sure you are safe.

In case you need help feel free to contact us.