

[HOTFIX][SECURITY] Fixes an SSRF vulnerability report from positive t…
…echnologies (#2373)

Address: GHSA-wpff-wm84-x5cx
ajinabraham committed Apr 4, 2024
1 parent 6bce5a2 commit 43bb71d
Showing 4 changed files with 196 additions and 111 deletions.
2 changes: 1 addition & 1 deletion mobsf/MobSF/init.py
Expand Up @@ -10,7 +10,7 @@

logger = logging.getLogger(__name__)

VERSION = '3.9.7'
VERSION = '3.9.8'
BANNER = """
__ __ _ ____ _____ _____ ___
| \/ | ___ | |__/ ___|| ___|_ _|___ // _ \
20 changes: 13 additions & 7 deletions mobsf/StaticAnalyzer/views/common/shared_func.py
Expand Up @@ -255,18 +255,23 @@ def get_avg_cvss(findings):
def open_firebase(url):
# Detect Open Firebase Database
try:
invalid = 'Invalid Firebase URL'
if not valid_host(url):
logger.warning('Invalid Firebase URL')
logger.warning(invalid)
return url, False
purl = urlparse(url)
if not purl.netloc.endswith('firebaseio.com'):
logger.warning(invalid)
return url, False
base_url = '{}://{}/.json'.format(purl.scheme, purl.netloc)
proxies, verify = upstream_proxy('https')
headers = {
'User-Agent': ('Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1)'
' AppleWebKit/537.36 (KHTML, like Gecko) '
'Chrome/39.0.2171.95 Safari/537.36')}
resp = requests.get(base_url, headers=headers,
proxies=proxies, verify=verify)
proxies=proxies, verify=verify,
allow_redirects=False)
if resp.status_code == 200:
return base_url, True
except Exception:
Expand All @@ -279,11 +284,12 @@ def firebase_analysis(urls):
firebase_db = []
logger.info('Detecting Firebase URL(s)')
for url in urls:
if 'firebaseio.com' in url:
returl, is_open = open_firebase(url)
fbdic = {'url': returl, 'open': is_open}
if fbdic not in firebase_db:
firebase_db.append(fbdic)
if 'firebaseio.com' not in url:
continue
returl, is_open = open_firebase(url)
fbdic = {'url': returl, 'open': is_open}
if fbdic not in firebase_db:
firebase_db.append(fbdic)
return firebase_db


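Review bot: The new host check at `if not purl.netloc.endswith('firebaseio.com'):` is a bare suffix match on `netloc`, so any hostname whose final characters are `firebaseio.com` without a preceding dot passes, while `netloc` also carries userinfo and port, so a legitimate host given with a port is rejected, and the scheme that is interpolated into `base_url` is never restricted. Comparing the parsed hostname instead closes all three gaps: `host = (purl.hostname or '').lower()` followed by `if purl.scheme not in ('http', 'https') or not (host == 'firebaseio.com' or host.endswith('.firebaseio.com')):`. The `allow_redirects=False` addition is the right complement, since a redirect issued by the allowed host would otherwise carry the request to an arbitrary origin. `open_firebase` continues past the hunk (its `except Exception:` handler is cut at the last visible line), and the second hunk's `'firebaseio.com' not in url` prefilter is only a cheap substring screen that still relies on this check for the actual decision.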
