[Repost] WEBMIN (XSS BUG) REMOTE ARBITRARY FILE DISCLOSURE

Author: Umair Manzoor (Umz)
Source: EvilOctal Security Team (www.eviloctal.com)

ABSTRACT:
WEBMIN is a system configuration tool for Unix-like systems. It has a web-based
interface for configuring all the internals of the operating system.
WEBMIN is basically used for remote administration of servers. Remote
administration refers to any method of controlling a computer from a remote
location. It consists of a simple web server and a number of CGI programs which
directly update system files. All the modules and the web server are coded in Perl
5. Almost all of the development is done by Jamie Cameron along with other
individuals who provide patches and additional modules.

Why is there a need for remote administration? Companies like ISPs and
telecoms need this facility to deal with their servers in case of faults. A fault can
be defined as "an incorrect step, process, or data definition in a computer
program". As we all know, software can possess more faults than hardware
because it is much more vulnerable to user abuse. Most of the time, software
failures (denial of service) are caused by faults, which in some cases then lead to
system failure. Sometimes these faults can be taken advantage of to gain
access to the system, or they may result in leakage of sensitive information. A similar
type of fault (bug) was detected in WEBMIN which allows arbitrary file
disclosure on the server and may lead to unauthorized access to the server.
The bug is specifically classed as a cross-site scripting (XSS) bug, which I exploited;
it can threaten access to the system or possibly yield sensitive information like
DNS entries, account details, etc. In this paper I will discuss how these types of bugs
can be used for our own purposes, the possible threats posed by these types of bugs,
and how to beat them. I will also detail the procedure of the exploit I coded and how
to test for these types of vulnerabilities before using such software.

There are many possible solutions to this problem, but as a matter of fact
no system is secure if it has a number of services running on it.

[ This post was last edited by eviloctal on 2008-3-26 01:06 ]

Attachment

WEBMIN (XSS BUG) REMOTE ARBITARY FILE DISCLOSURE.rar (99.19 KB)

2008-3-26 01:06, downloads: 99
