I am having a Django application with file upload feature. I am using Clamav to scan the file for viruses. I want to prevent CSV injection in my application too. I found this stackoverflow link related to it, but is of no help. Please suggest how to prevent CSV injection in my Django application with ClamAV.
-
perhaps you ask for a python solution built into the django application, then this question is more focused? – gelonida Jan 04 '20 at 12:18
-
Alternatively ask in a separate question, whether ClamAV can detect CSV files with potential CSV injection cells. (independently of django) I personally could only help with a python solution, but ClamAV specialists might jump in. However this question is probably better asked on https://superuser.com/ – gelonida Jan 04 '20 at 12:43
-
concerning your most recent edit: You wrote: Please suggest how to achieve CSV injection in my Django application with ClamAV. You probably mean: Please suggest how to achieve detection of CSV injection in my Django application with ClamAV. – gelonida Jan 04 '20 at 12:45
-
question updated – Sachin Singh Jan 05 '20 at 10:03
1 Answer
Look at the definition of CSV Injection (this link can be found in your SO link) https://www.owasp.org/index.php/CSV_Injection
in short:
When a spreadsheet program such as Microsoft Excel or LibreOffice Calc is used to open a CSV, any cells starting with '=' will be interpreted by the software as a formula. Maliciously crafted formulas can be used for three key attacks:
You can prevent this attack by:
This attack is difficult to mitigate, and explicitly disallowed from quite a few bug bounty programs. To remediate it, ensure that no cells begin with any of the following characters:
Equals to ("=") Plus ("+") Minus ("-") At ("@")
I don't know how to do this with ClamAV as I don't use it, but you could write a small python function reading the file and ensuring that no cell starts with any of above characters.
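The answer above suggests writing a small Python function that reads the uploaded file and checks whether any cell starts with one of the four formula characters. The following is an added example of such a check (not code from the answer's author or from the Django project). It uses only the standard-library `csv` module, so it runs offline; the sample CSV is constructed for the demonstration, and the `scan_csv` / `neutralise_csv` names are this example's own. It goes one step beyond the answer in two ways: a cell that parses as a plain number (such as `-12.50`) is not flagged, since it is just a negative value rather than a formula, and a second function neutralises flagged cells by prefixing a single quote, which is the remediation OWASP recommends for keeping the content while stopping spreadsheet programs from evaluating it.

```python
import csv
import io
from typing import List, Tuple

# Characters that Excel / LibreOffice Calc interpret as the start of a formula,
# i.e. the four listed in the OWASP text quoted in the answer.
FORMULA_PREFIXES = ("=", "+", "-", "@")


def cell_is_dangerous(cell: str) -> bool:
    """Return True if a spreadsheet program would treat this cell as a formula.

    Plain numbers such as "-5" or "+3.25" also begin with a listed character
    but are harmless, so a cell that parses as a float is allowed through
    (assumption made by this example; the answer itself flags every such cell).
    """
    if not cell.startswith(FORMULA_PREFIXES):
        return False
    try:
        float(cell)
        return False  # a signed number, not a formula
    except ValueError:
        return True


def scan_csv(text: str) -> List[Tuple[int, int, str]]:
    """Return (row, column, cell) for every cell that begins with a formula character.

    Rows and columns are 1-based so findings are easy to report back to the uploader.
    """
    findings = []
    for row_no, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        for col_no, cell in enumerate(row, start=1):
            if cell_is_dangerous(cell):
                findings.append((row_no, col_no, cell))
    return findings


def neutralise_csv(text: str) -> str:
    """Return the CSV with every dangerous cell prefixed by a single quote.

    The leading quote makes Excel / Calc display the cell as literal text instead
    of evaluating it. The output is re-serialised with csv.writer so that quoting
    of cells containing commas or quotes stays valid.
    """
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    for row in csv.reader(io.StringIO(text)):
        writer.writerow(["'" + c if cell_is_dangerous(c) else c for c in row])
    return out.getvalue()


# Constructed sample upload: a header, an ordinary row with a negative number,
# a row containing a formula cell, and a row with a signed number plus an "@" cell.
SAMPLE_CSV = (
    "name,balance,note\n"
    "alice,-12.50,paid in full\n"
    "bob,30,=2+2\n"
    "carol,+7,@home\n"
)

if __name__ == "__main__":
    for row_no, col_no, cell in scan_csv(SAMPLE_CSV):
        print(f"row {row_no} col {col_no}: {cell!r}")
    print(neutralise_csv(SAMPLE_CSV))
```

In a Django form this would be called from the file field's `clean_<field>` method (an assumption about how the asker's form is built): decode the uploaded bytes, run `scan_csv`, and raise `forms.ValidationError` listing the offending rows, or replace the content with `neutralise_csv` if the application prefers to accept the file. Either way the check runs on the server before the file is stored, independently of the ClamAV scan.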