cPanel consists of a wide range of applications, one of which is a file manager used to manage the files in a hosting account. With the file manager, a user can delete, create, and edit files in the file system.
cPanel has two file managers: "File Manager" and "Legacy File Manager". The two differ only in appearance. Legacy is a simpler version that does not use much JavaScript. In terms of functionality they are roughly the same; the modern version only adds the compress and extract features.
Persistent XSS Attack by Crafting Malicious File Name
Both types of cPanel file manager are vulnerable to XSS attacks. The cPanel file manager does not filter the file names it displays on the web page, so an attacker can inject script or HTML code by creating files whose names contain HTML and JavaScript code.
In terms of severity, the attack on the Legacy File Manager is more dangerous, because merely viewing the file name is enough for the attacker's malicious code to be executed in the victim's browser. In the standard File Manager, cPanel successfully filters dangerous characters out of the file name, so the malicious code does not execute on the file list page. However, cPanel apparently forgot to filter the delete, copy, move, code/HTML editor, compress, and change permissions tasks. For the attacker's code to run in the browser there, the victim must select the file with its checkbox and then perform one of: delete, copy, move, edit, compress, or change permissions.
So it is clear that the XSS attack on the Legacy File Manager is the more dangerous one, because the victim does not need to do anything other than view the list of files in a folder. Therefore, in this article at indositehost.com, I will focus the discussion on attacks on the Legacy File Manager, but with an exploit that could work in both types of file manager.
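The gap described above (file names encoded on the list page but not in the delete, copy, move, edit, compress and change permissions views) is the kind of inconsistency a per-view regression check catches. The following is an added example, not cPanel code: every function name is hypothetical, the renderers are simplified stand-ins, and the probe file name is constructed and inert.

```javascript
// Encode the five characters that can change the HTML parsing context.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// File list row: the name lands in an attribute value and in element text.
function renderListRow(name) {
  const safe = escapeHtml(name);
  return `<tr><td><input type="checkbox" name="file" value="${safe}"></td><td>${safe}</td></tr>`;
}

// "Before" form of an action dialog: the file name is concatenated raw.
function renderActionDialogUnsafe(action, names) {
  return `<div class="dialog"><p>${action}:</p><ul>` +
    names.map((n) => `<li>${n}</li>`).join('') + '</ul></div>';
}

// Hardened form: the same encoder the list view uses, applied at output time.
function renderActionDialog(action, names) {
  return `<div class="dialog"><p>${escapeHtml(action)}:</p><ul>` +
    names.map((n) => `<li>${escapeHtml(n)}</li>`).join('') + '</ul></div>';
}

// Constructed probe name: harmless markup that must never appear unencoded.
const PROBE_NAME = '"><b>probe</b>.txt';

// The views the article lists as displaying a selected file name.
const ACTIONS = ['delete', 'copy', 'move', 'edit', 'compress', 'change permissions'];

// Build one render function per view so each can be checked on its own.
function buildViews(dialogRenderer) {
  const views = { list: renderListRow };
  for (const action of ACTIONS) views[action] = (name) => dialogRenderer(action, [name]);
  return views;
}

// Render every view with the probe and return the ids of views whose
// output still contains the raw markup from the file name.
function findUnescapedViews(views) {
  return Object.keys(views).filter((id) => views[id](PROBE_NAME).includes('<b>probe</b>'));
}

console.log('raw dialogs   :', findUnescapedViews(buildViews(renderActionDialogUnsafe)));
console.log('encoded dialogs:', findUnescapedViews(buildViews(renderActionDialog)));
```

With the raw dialog renderer the check reports all six action views while the list view passes, which mirrors the behaviour described for the standard File Manager; with the shared encoder it reports none.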