Closed
Description
A vulnerability was found in the way as the URI are validated. The plugin check the configuration rules against possible encoded URIs.
PoC
Configuration sample:
[RULES]
Deny_URL /test/
To bypass such rule, we just need to make a request like:
http://yourhost/%2ftest/
Migrated from http://bugs.monkey-project.com/ticket/186
{
"status": "assigned",
"changetime": "2013-06-17T15:44:46",
"description": "A vulnerability was found in the way as the URI are validated. The plugin check the configuration rules against possible encoded URIs.\n\n\nPoC\n---\n\nConfiguration sample:\n[RULES]\n Deny_URL /test/\n\nTo bypass such rule, we just need to make a request like:\n http://yourhost/%2ftest/\n",
"reporter": "felipensp",
"cc": "",
"resolution": "",
"_ts": "1371483886187070",
"component": "Security Plugin",
"summary": "Bypass protected directory by Monkey HTTPD - Mandril security plugin",
"priority": "major",
"keywords": "",
"version": "",
"time": "2013-06-14T17:17:38",
"milestone": "",
"owner": "edsiper",
"type": "defect"
}Metadata
Metadata
Assignees
Labels
No labels