Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

findFilter() returning null for filter when invalid url_suffix used passed to user. #7

Closed
jdhwpgmbca opened this issue Aug 30, 2021 · 1 comment

Comments

@jdhwpgmbca
Copy link
Owner

jdhwpgmbca commented Aug 30, 2021

Describe the bug
Major security bug in CaptureTypeService.findFilter(String url_suffix). If the user specifies a non-existent url_suffix, a null filter will be returned. This is effectively the same as selecting the "all" capture type. Obviously, this is a major security hole.

To Reproduce
Call the API's /api/capture/{type} with any non-registered url_suffix.

Expected behavior
This should cause an error to be returned by the API.

Screenshots
N/A

Desktop (please complete the following information):

  • Any

Smartphone (please complete the following information):

  • Any

Additional context
It should be noted, that this only affects authenticated users. So an unauthenticated user can't capture packets. But this does let authenticated users capture any type of packet very easily.

@jdhwpgmbca
Copy link
Owner Author

Fixed in commit 0f74f43.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant