Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

RobTex Directory Traversal

Comments

  • #2
    nitr0s
    Closed Accounts Posts: 19 nitr0s


    If you dissassemble the Viking server, you will notice that they implement their own "wee" HTTP protocol which contains alot of bugs.
    X-Viking: is an acceptable header making the above current problem of directory traversal exploitable (no details, if you cared)regardless of patches and configuration.It doesn't matter that the remote system has the appropriate configuration or patch.
    Its a matter of research.
    As an example, the proxy server works like this:

    c:\nc -vn 127.0.0.1 8080

    GET / HTTP/1.1
    Host: locahost:8080

    The proxy server will take the "Host" header as the client and connect locally in a continuous loop consuming all available memory before crashing the system the proxy runs on.

    This is simple locally using a web browser,
    http://localhost:8080/
    ,remotely would just mean supplying the "host" header with localhost:8080 as the destination.

    The system running Viking would loop connections to itself requesting what you had sent it, eventually eating all available memeory and halting the system it operates on.

    Its basically a DoS attack, yeah..its lame.
    Requesting over 100kb's to the webserver simply restarts the application.


Advertisement