Simple tip for identifying a SharePoint site (server information leakage)

Just the other day, when implementing a new SharePoint solution, I spotted a strange behaviour in SharePoint 2010.

For the current solution, some query string parameters had to be passed around between various pages. One of these parameters happened to be named "id". When using it, I started seeing strange behaviour on my SharePoint site: it suddenly started throwing exceptions when navigating to pages with this parameter.

After testing it on some other websites (that I knew to be SharePoint sites), I succeeded in invoking the same behaviour and thus forcing an exception to be thrown.

An example can be seen here: http://danskebank.dk/da-dk/Privat/Pages/Privat.aspx?id=5

Based on the issue and the behaviour of document libraries, it seems to be related to the fact that pages are stored in document libraries: when the "id" parameter is added to the URL, SharePoint begins searching for an item with that id in the library, which it may have trouble finding, and then throws an error.

This is most likely by design, but it also leaks information about the website, and if the site is not locked down properly it might even reveal information about the server running the site.

So always remember to use a custom error page on a public-facing website to prevent information leakage.
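One way to check that advice before a site goes public is to audit the web application's web.config for the settings that control how much error detail visitors see. The script below is an added example, not code from the original post; both sample configs are constructed, and the defaultRedirect path is a hypothetical custom error page.

```python
import xml.etree.ElementTree as ET

# Constructed sample: a trimmed web.config left in its debugging state.
WEAK_CONFIG = """<configuration>
  <SharePoint>
    <SafeMode MaxControls="200" CallStack="true" />
  </SharePoint>
  <system.web>
    <customErrors mode="Off" />
    <compilation batch="false" debug="true" />
  </system.web>
</configuration>"""

# Constructed sample: the same file locked down for a public-facing site.
# The defaultRedirect path is a hypothetical custom error page.
HARDENED_CONFIG = """<configuration>
  <SharePoint>
    <SafeMode MaxControls="200" CallStack="false" />
  </SharePoint>
  <system.web>
    <customErrors mode="On" defaultRedirect="/_layouts/custom/error.html" />
    <compilation batch="false" debug="false" />
  </system.web>
</configuration>"""

# (element tag, attribute, values that expose or enrich error detail)
CHECKS = [
    ("customErrors", "mode", {"off"}),
    ("SafeMode", "CallStack", {"true"}),
    ("compilation", "debug", {"true"}),
]

def audit_web_config(xml_text):
    """Return one finding per setting that lets error details reach visitors."""
    root = ET.fromstring(xml_text)
    findings = []
    for tag, attr, bad_values in CHECKS:
        # Check every occurrence, since <location> blocks can repeat a section.
        for node in root.iter(tag):
            value = node.get(attr, "")
            if value.lower() in bad_values:
                findings.append(f"{tag} {attr}={value}")
    return findings

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_web_config(cfg) or "no leak-prone settings found")
```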
