Hello @chetans9,
DESCRIPTION: I found a vulnerability in this project where I am able to brute force the add_customer function X number of times which may result in website breakage.
VULNERABILITY: No Rate Limiting
AFFECTED FUNCTIONALITY: Adding Customer (data) Functionality
PROOF OF CONCEPT:
Just visit "http://freecs9.epizy.com/core-php-admin/customers.php" and you can literally see that I created 500 sample customers. :)
IMPACT:
If the server or web host has a maximum limit on the number of queries that can be stored, this attack can exceed it and exploit the server/host by brute forcing the function request "limit+X" number of times. If it's on web hosting, the hosted project will be deleted/banned by the provider, leading to data loss for this admin panel's users. If it's a server, the server might go down because the storage fills up.
HOW TO FIX:
Add rate limiting to this function and to other related functionality as well.
FOR REFERENCE:
https://helloacm.com/easy-rate-limit-in-php-using-simple-strategy-an-api-example/
https://stackoverflow.com/questions/4257678/php-rate-limiting-client
http://timoh6.github.io/2015/05/07/Rate-limiting-web-application-login-attempts.html
https://security.stackexchange.com/questions/116113/rate-limit-login-attempts-count-by-ip-or-username
https://code.tutsplus.com/tutorials/how-to-build-rate-limiting-into-your-web-app-login--cms-22133
SOME LIBRARIES FOR EASIER FIX & SECURITY:
https://github.com/sunspikes/php-ratelimiter
https://github.com/davedevelopment/stiphle
https://github.com/touhonoob/RateLimit
#SecuringOpenSource - @mufeedvh
Best Regards,
Mufeed VH (@mufeedvh)
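As an added example, not code from the report or from core-php-admin: a fixed-window rate limiter in PHP that the add_customer handler could consult before inserting a record. The session and request variable names it reads, and the sample key and clock in the demo, are assumptions.

```php
<?php
// Added example, not code from the report or the project: a fixed-window rate
// limiter to place in front of add_customer and similar write endpoints. The
// store is an in-memory array so the file runs stand-alone; in production use a
// store shared by all PHP workers (APCu, Redis or a DB table).
class RateLimiter
{
    private array $store = [];   // key => [count, windowStart]

    public function __construct(private int $maxRequests, private int $windowSeconds) {}

    // true = let the request through; false = reject with HTTP 429.
    public function allow(string $key, ?int $now = null): bool
    {
        $now ??= time();
        [$count, $start] = $this->store[$key] ?? [0, $now];
        if ($now - $start >= $this->windowSeconds) {   // window elapsed: start a new one
            [$count, $start] = [0, $now];
        }
        $allowed = $count < $this->maxRequests;
        // Rejected requests are not counted, so a blocked client cannot extend its own window.
        $this->store[$key] = [$allowed ? $count + 1 : $count, $start];
        return $allowed;
    }
}

// Hypothetical guard for customers.php: call it before the INSERT that stores the customer.
// Keying on the logged-in user and the client IP throttles one abusive session without
// locking out every admin behind the same NAT. $_SESSION['user_id'] is an assumed name.
function enforceAddCustomerLimit(RateLimiter $limiter): void
{
    $key = 'add_customer:' . ($_SESSION['user_id'] ?? 'anon') . ':' . ($_SERVER['REMOTE_ADDR'] ?? '?');
    if (!$limiter->allow($key)) {
        http_response_code(429);
        exit('Too many customer records submitted; try again later.');
    }
}

// Stand-alone demo with a constructed key and a fixed clock: 10 submissions per minute,
// 12 attempts within 12 seconds, then one more after the window has elapsed.
$limiter = new RateLimiter(10, 60);
$key = 'add_customer:user42:203.0.113.5';
$t0 = 1_700_000_000;
$log = [];
for ($i = 0; $i < 12; $i++) {
    $log[] = $limiter->allow($key, $t0 + $i) ? 'ok' : '429';
}
$log[] = $limiter->allow($key, $t0 + 60) ? 'ok' : '429';
echo implode(' ', $log), PHP_EOL;
```

The same guard belongs on every other endpoint that creates rows, and the limiter's store must be shared across workers or the limit is per-process only.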