New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Security: celah upload script php melalui surat masuk #887

Closed
Snoopy-Sec opened this Issue Mar 27, 2018 · 14 comments

Comments

3 participants
@Snoopy-Sec

Snoopy-Sec commented Mar 27, 2018

Mas webnya ada bug :) path yang mas banyak yang masih ada bugnya :)

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Mar 27, 2018

@Snoopy-Sec : harap beri rincian bug yang anda temukan supaya bisa ditangani.

@Snoopy-Sec

This comment has been minimized.

Snoopy-Sec commented Mar 28, 2018

Di open SID yang ver 2.3 tingkatin lagi mas, terutama bagian galeri bisa di tamper data mas, bisa upload shell/backdoor si attacker :)

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Mar 28, 2018

@Snoopy-Sec : jangan cek di versi lama -- ada rilis baru setiap tgl 1; semua pengguna dianjurkan untuk selalu update.

Cek di versi terkini: https://github.com/OpenSID/OpenSID/releases. Saat ini v2.10, nanti tgl 1 April akan dirilis v2.11 (versi pra-rilis dapat diunduh di https://github.com/OpenSID/OpenSID). Atau cek di website demo di http://sid.bangundesa.info.

@Snoopy-Sec

This comment has been minimized.

Snoopy-Sec commented Mar 28, 2018

Saya bukan pengguna SID mas cuman pentest web SID aja, v2.10 dengan 3.10 beda vendor? 3.10 juga memiliki bug yang sama mas :)

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Mar 29, 2018

SID CRI 3.10 dikembangkan oleh Combine Resource Institution, lembaga non-pemerintah. OpenSID awalnya dikembangkan dari SID CRI 3.04 dan juga menggabungkan fitur SID CRI 3.10. OpenSID dikembangkan oleh Komunitas OpenSID, komunitas open source (https://www.facebook.com/groups/OpenSID/).

Silakan pentest OpenSID v2.10 di http://sid.bangundesa.info, dan beritahu secara rinci celah yang anda temukan supaya bisa ditangani.

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Mar 29, 2018

@Snoopy-Sec : bagaimana, sudah lakukan pentest pada OpenSID v2.10? Apa hasilnya?

@Snoopy-Sec

This comment has been minimized.

Snoopy-Sec commented Mar 30, 2018

Bug di statistik data/arsip masih belum di filter buat file ext php mas :) ada celah buat si attacker :)

System: Linux mocha3015.mochahost.com 3.10.0-714.10.2.lve1.4.79.el6h.x86_64 #1 SMP Thu Jan 4 14:26:00 EST 2018 x86_64
User: eddier (1055) Group: ? (1051)
Server IP: 198.38.82.225

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Mar 30, 2018

@Snoopy-Sec , di menu mana celah itu (di menu Statistik tidak ketemu)? Mohon beri penjelasan, supaya bisa segera diperbaiki. Terima kasih.

@Snoopy-Sec

This comment has been minimized.

Snoopy-Sec commented Mar 30, 2018

Ada bug di surat masuk, belum di filter ext filenya mas :) Attacker bisa upload backdoor mas :)
Mohon di perbaiki :)

screenshot 74

@eddieridwan eddieridwan changed the title from Mutiple Vulnerability to Security: Celah unggah script di menu surat masuk Mar 31, 2018

@eddieridwan eddieridwan added this to DIPRIORITASKAN in Rilis yang sedang dikerjakan Mar 31, 2018

@esyede

This comment has been minimized.

Contributor

esyede commented Apr 1, 2018

Terimakasih @Snoopy-Sec

@Snoopy-Sec

This comment has been minimized.

Snoopy-Sec commented Apr 1, 2018

Open SID v.2.11 masih ada celahya pak :)
Setelah saya scan coba perhatikan path /desa/upload/user_pict/aEG1ZM_up.php
Disitu ada uploader tersembunyi yang sangat memungkin attacker bisa upload backdoor :)
Mohon di tutup ya pak :)

screenshot 75

@Snoopy-Sec Snoopy-Sec changed the title from Security: Celah unggah script di menu surat masuk to Security: Hidden Uploader Apr 1, 2018

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Apr 1, 2018

@Snoopy-Sec : terima kasih. Tapi jangan ganti nama issue yang sedang/sudah dikerjakan. Buat issue baru untuk celah baru yang anda temukan. Issue dikerjakan satu per satu. Satu issue hanya boleh satu masalah. Kalau anda ganti nama issue yg sedang dikerjakan atau menambah masalah, akan membingungkan. Jadi mohon buat issue baru. Terima kasih.

@eddieridwan eddieridwan moved this from DIPRIORITASKAN to SEDANG DIKERJAKAN in Rilis yang sedang dikerjakan Apr 1, 2018

@eddieridwan eddieridwan changed the title from Security: Hidden Uploader to Security: celah upload script php melalui surat masuk Apr 1, 2018

@esyede

This comment has been minimized.

Contributor

esyede commented Apr 1, 2018

Terimakasih @Snoopy-Sec . Nice catch! 👍.
Seperti saran pak @eddieridwan, silahkan langsung dibuatkan issue baru agar teman - teman lebih mudah untuk mengirim pull request.

@eddieridwan

This comment has been minimized.

Collaborator

eddieridwan commented Apr 4, 2018

Sudah dicommit ke master melalui PR #898.

@eddieridwan eddieridwan closed this Apr 4, 2018

@eddieridwan eddieridwan moved this from SEDANG DIKERJAKAN to SUDAH DI MASTER in Rilis yang sedang dikerjakan Apr 4, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment