Reputation: 495
Strange .jsp file being created in one of dll folders in a legacy ASP.NET application
We have an very old ASP.NET web application deployed in IIS. It's written in VB.NET and has ApplicationInsight reference. We have been informed of a strange file being created in one of the folders and the file being deleted on its own as well.
The name of the file is
yjxnzgi4.jsp
and its created in the following folder,
C:\PathToMyApplicationFolder\AppData\Local\Microsoft\ApplicationInsights\VeryLongGUIDlikecharacters\yjxnzgi4.jsp
The application is very old but it has no feature like file upload.
The infrastructure team have given stats that the file was created and deleted by w3wp.exe.Both of those happened pretty much on the same time.
Is there a security issue in this application? Does IIS create files like these usually?
Upvotes: 0
Views: 34
Answers (1)
Reputation: 107
As far as I know, IIS itself does not create .jsp files. JSP files are usually related to Java applications, running on Apache Tomcat, not IIS, so your application has security issues.
You can review IIS logs, Windows event logs, and any Application Insights telemetry for unusual activity, especially around the time the file was created.
Upvotes: 0
Related Questions
- Web Application Problems (web.config errors) HTTP 500.19 with IIS7.5 and ASP.NET v2
- ASP.NET MVC on IIS 7.5 - Error 403.14 Forbidden
- Access to file write.lock in ASP.NET web application writing a Lucene search index
- Handler "ExtensionlessUrlHandler-Integrated-4.0" has a bad module "ManagedPipelineHandler" in its module list
- IIS AppPoolIdentity and file system write access permissions
- What is the App_Data folder used for in Visual Studio?
- DLL configuration file in asp.net site
- Compiling ASP.NET application - Web Site vs Web Application - Placeholder aspx file with specified dll names
- Batch create ASP.net application folders IIS 7