
SSRF security vulnerability

Open murangoo opened this issue 4 years ago • 3 comments

murangoo, Mar 19 '20 13:03

I said the bug, SSRF security vulnerability

charles2j, May 09 '20 06:05

SSRF still exists in v0.9.0; need to consider all APIs

charles2j, May 09 '20 06:05

This could be causing this injection?

```
# chkrootkit
...
Searching for Linux.Xor.DDoS ...                            INFECTED: Possible Malicious Linux.Xor.DDoS installed
/tmp/sqlite-3.23.1-6226c38c-5d11-45d7-a193-627d77bc0ba2-libsqlitejdbc.so
...

# lsof /tmp/sqlite-3.23.1-6226c38c-5d11-45d7-a193-627d77bc0ba2-libsqlitejdbc.so
COMMAND PID    USER  FD   TYPE DEVICE SIZE/OFF NODE NAME
java    800 cerebro mem    REG    8,1   968800 2140 /tmp/sqlite-3.23.1-6226c38c-5d11-45d7-a193-627d77bc0ba2-libsqlitejdbc.so
```

In my case there were added bitcoin miner kinsing and some other stuff kdevtmpfsi... luckily only on a testing instance, which can be dropped if not repairable...

Reiner030, Sep 02 '20 16:09