Thursday, December 19, 2013

XFileSharing Pro Remote URL Upload

# Exploit Title: The Remote URL Upload feature of XFileSharing Pro is
vulnerable and allows access to the server's local file system
# Google Dork: "Remote URL Upload" or "Powered by XFileSharing Pro"
# Date: 2013/11/26
# Exploit Author: Omid Raha
# Author Home Page: http://omidraha.com
# Author Contact: http://ir.linkedin.com/in/omidraha
# Vendor Homepage: http://sibsoft.net
# Software Link: http://sibsoft.net/xfilesharing.html
# Version: 2.1 ( and older versions: 2.0, 1.9, 1.8, 1.6, 1.5)
# Security Risk: High
# Solution - Fix & Patch: Disable `allow_url_fopen` in php.ini and
validate the input field in the Remote URL Upload form.

About XFileSharing Pro:
XFileSharing Pro is SibSoft's advanced, professional file sharing
script. Over 500 of our clients are currently using this powerful
platform.
(Read more about that here: http://sibsoft.net/xfilesharing.html#about)

Description:
I found that `sibsoft XFileSharing Pro version 2.1` is vulnerable in
the `Remote URL upload` section.

Besides the regular `http://` and `ftp://` schemes, the `Remote URL
upload` section also accepts other URL schemes such as `file://`.
So you can point it at a file on the server's local file system, for
example `file:///etc/passwd`, in the Remote URL Upload form. Once the
upload has finished, that file is available and downloadable through
the regular download process.
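The "validate the input field" part of the fix above comes down to refusing any URL whose scheme is not one the uploader is meant to fetch from, before anything is fetched. The following is an added example of such a check, written for this post and not code from XFileSharing Pro or SibSoft. It assumes the form submits the remote URL as a single text field; the function names, the allowlist, and the sample submissions are constructed for illustration. The audit helper goes one step beyond the advisory: it re-checks a list of previously accepted URLs (for instance pulled from an upload log) so an operator can find files that were fetched from `file://` sources before the fix was applied.

```python
"""Scheme-allowlist check for a "Remote URL Upload" form (added example,
not XFileSharing Pro's own code). Assumes the form posts one text field
holding the URL; names and sample values below are constructed."""
from urllib.parse import urlsplit

# Schemes the uploader is actually meant to fetch from. Everything else,
# file:// included, is refused before any fetch takes place. Disabling
# allow_url_fopen in php.ini is the second, independent layer.
ALLOWED_SCHEMES = frozenset({"http", "https", "ftp"})


def validate_remote_url(raw):
    """Return (ok, reason). ok is True only for an absolute http, https or
    ftp URL with a non-empty host."""
    if not isinstance(raw, str):
        return False, "not a string"
    url = raw.strip()
    if not url:
        return False, "empty"
    # Embedded whitespace or control characters never belong in a URL.
    if any(c.isspace() or ord(c) < 0x20 for c in url):
        return False, "contains whitespace or control characters"
    try:
        parts = urlsplit(url)
    except ValueError:
        # e.g. a malformed IPv6 literal; urlsplit refuses to parse it
        return False, "unparseable"
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        # Rejects file://, FILE:// casing, and a missing scheme ("/etc/passwd").
        return False, "scheme not allowed: %s" % (scheme or "(none)")
    if not parts.hostname:
        # "http:///etc/passwd" parses with an empty host; refuse it too.
        return False, "missing host"
    return True, "ok"


def audit_submissions(submissions):
    """Defender's triage helper: return the (url, reason) pairs among
    previously accepted submissions that the validator now rejects."""
    flagged = []
    for u in submissions:
        ok, reason = validate_remote_url(u)
        if not ok:
            flagged.append((u, reason))
    return flagged


# Constructed sample of what an upload log might contain (not real data).
SAMPLE_SUBMISSIONS = [
    "http://example.com/files/report.pdf",
    "ftp://ftp.example.com/pub/archive.zip",
    "file:///etc/passwd",        # the case described in the advisory
    "FILE:///etc/passwd",        # same thing with different scheme casing
    " file:///etc/passwd",       # leading whitespace does not help
    "http:///etc/passwd",        # allowed scheme but empty host
    "/etc/passwd",               # no scheme at all
]

if __name__ == "__main__":
    for url, reason in audit_submissions(SAMPLE_SUBMISSIONS):
        print("REJECT %-32s %s" % (url, reason))
```

The scheme is compared after lowercasing and the host is required to be non-empty, since both `FILE:///etc/passwd` and `http:///etc/passwd` would otherwise slip past a naive `startswith("http://")` test. Run stand-alone, the script lists the five sample entries that would be refused and why.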

Demo:
Find an installation using the Google dork above, go to the Remote URL
Upload form section, and follow the description above.

Best regards.

# ..|OR
