Windows FAT Filesystem Advisory: Recursive directory creation can be used as a Denial of Service attack against Windows* servers that allow anonymous FTP upload, and any that allow users to create directories and execute files.
bab71ed1bea79436a1c61aa4bc40f4b35f976ddc2c6b334802cf7cc588f083dc
Windows FAT Filesystem Advisory
It appears that Windows' FAT file system can be messed up by creating a long enough series of recursive
directories. After a certain point is reached, directories cannot be deleted. Because each directory added to the file
allocation takes up a certain amount of space, this can be considered a denial of service attack against the Windows
filesystem, allowing a user able to create directories to consume disk space. Microsoft's scandisk does not correct
this problem (do any commercial products?). Windows cannot delete the directory, claiming it is in use. And running
deltree against it seems to hang the system. So better lock down that anonymous ftp upload directory!
I fired this off in 20 minutes after discovering a clever script I made messed up my filesystem. I'm sure I have
made a few technical errors and would love corrections. I would appreciate any specific observations about behavior
of this on various filesystems and platforms, and any workarounds or fixes found. If you find anything or just want
to comment email xm <xm@geekmafia.dynip.com>. And be sure to check out our main site <http://GeekMafia.dynip.com/>!
Sample Code (pissy.bat)
mkdir y
cd y
C:\pathto\pissy.bat
fatalert.shtml modified Friday, 05-Feb-1999 22:39:02 EST xm@geekmafia.dynip.com Copyright 1998, 1999 Geek
Mafia and xm. They may be redistributed freely at no cost in its original form.