Security issues

Open bahbah opened this issue 7 years ago • 3 comments

Hi,

I believe these URLs are open

http://[YourMuximux]/secret.txt

Using the value in that txt file, you can view the log: http://[YourMuximux]/muximux.php?secret=XXXXX&action=log

Or you can write to the log. Not sure what the size limit is here. I guess someone could exploit it and fill up your server with garbage. http://[YourMuximux]/muximux.php?secret=XXXXX&action=writeLog&msg=Blah

Cheers.

bahbah, Jul 17 '17 09:07

Shows an empty page for me.

http://i.imgur.com/IU61cW8.png

RafaelSchridi, Aug 06 '17 20:08

Hey!

While muximux doesn't contain perfect security by any means, this particular problem is a non-issue as far as I can tell. Can you show a proof of concept? Also, we encourage all users to always secure their installation with Basic Auth or other means of securing it.

I tried doing what you wrote, but the log file is not written to in this scenario.

Thanks for your report nevertheless.

mescon, Aug 06 '17 22:08

FWIW - I've already addressed this in the working codebase I've got local on my machine. Secret.txt is no longer, and the key is stored in the protected config file with other settings.

Just got a few more days on UI work, then I'll have these changes committed to the develop branch.

d8ahazard, Aug 17 '17 21:08
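
One way to handle the two concerns raised in this thread, a secret readable as a static file and a `writeLog` action with no stated size limit, on the server side. This is an added example, not Muximux code and not the change d8ahazard describes; the function names, config layout, limits and status codes are all assumptions.

```php
<?php
// Added example, not Muximux code. Names, paths and limits are assumptions.
const MAX_MSG_BYTES = 512;       // cap on a single log message
const MAX_LOG_BYTES = 1048576;   // stop appending once the log reaches 1 MiB

// Load the secret from a PHP config file kept outside the document root,
// so the web server can never serve it as a static file like secret.txt.
function load_secret(string $configPath): string
{
    $config = require $configPath;   // the file does: return ['secret' => '...'];
    return (string) ($config['secret'] ?? '');
}

// Validate a writeLog request and return the HTTP status it should get.
function handle_write_log(array $query, string $secret, string $logPath): int
{
    $given = $query['secret'] ?? '';
    // An empty configured secret must never authorize anything.
    if ($secret === '' || !is_string($given) || !hash_equals($secret, $given)) {
        return 403;
    }
    $msg = $query['msg'] ?? '';
    if (!is_string($msg) || $msg === '' || strlen($msg) > MAX_MSG_BYTES) {
        return 400;
    }
    // Replace control characters so one message cannot forge extra log lines.
    $msg = preg_replace('/[\x00-\x1F\x7F]/', ' ', $msg);
    $line = date('c') . ' ' . $msg . PHP_EOL;
    clearstatcache(true, $logPath);
    $size = is_file($logPath) ? filesize($logPath) : 0;
    if ($size + strlen($line) > MAX_LOG_BYTES) {
        return 507;   // log is full: refuse instead of growing the file
    }
    file_put_contents($logPath, $line, FILE_APPEND | LOCK_EX);
    return 204;
}

// Constructed demo: temp files stand in for the config file and the log.
$cfg = tempnam(sys_get_temp_dir(), 'cfg');
file_put_contents($cfg, "<?php return ['secret' => 'constructed-demo-secret'];");
$log = tempnam(sys_get_temp_dir(), 'log');
$secret = load_secret($cfg);
var_dump(handle_write_log(['secret' => 'wrong', 'msg' => 'Blah'], $secret, $log));
var_dump(handle_write_log(['secret' => $secret, 'msg' => str_repeat('A', 5000)], $secret, $log));
var_dump(handle_write_log(['secret' => $secret, 'msg' => "Blah\nfake line"], $secret, $log));
echo file_get_contents($log);
unlink($cfg);
unlink($log);
```

The secret still travels in the query string here, as in the URLs quoted in the issue, so it can end up in access logs; the Basic Auth that mescon recommends sits in front of all of this.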