.DS_Store

The .DS_Store file is a hidden file (period at the start) created by the Finder application in macOS. It is typically used to enhance user experience by storing folder-specific metadata.

Due to possible misconfigurations, .DS_Store files may be accidentally exposed on web servers. This can lead to disclosure of sensitive information such as directory structure, file names, metadata and more. Such information can be heavily leveraged by an attacker — for example, to perform directory traversal, discover hidden files, expose additional endpoints, thereby increasing the overall exploitation scope. These factors contributes to the attacker's information gathering efforts and can aid in further exploitation of the system.

GitHub - gehaxelt/Python-dsstore: A library for parsing .DS_Store files and extracting file namesGitHub

The tool provided in the link above can be used to view the contents of a .DS_Store file:

# From the Github link above
$ python3 main.py <path_to_dsstore>
.vscode
...
...

# eg.
$ python3 main.py ./samples/.DS_Store.ctf
Count:  6
favicon.ico
flag
static
templates
vulnerable.py
vulnerable.wsgi

.DS_Store Vulnerabilities | A Guide to Understanding and PreventionWebAsha Technologies

PreviousMisconfigurations NextReadings

Last updated 11 months ago