Full Disclosure mailing list archives
Re: Fwd: Google vulnerabilities with PoC
From: Ulisses Montenegro <ulisses.montenegro () gmail com>
Date: Mon, 17 Mar 2014 11:11:57 -0300
Let's try some scenarios and if those can be pulled out then I'd say it's safe to assume this is an issue:

1. Upload a webshell (in a war, php, asp[x], jsp or similar file) and have it executed by YouTube;
2. Upload a malicious file (pdf, swf, jar or similar file which exploits a known or unknown vulnerability in the respective apps) and have it served by YouTube;
3. Upload a file which alters the behavior of the YouTube application (i.e., a configuration file, HTML or JavaScript template, even a UI image).

Otherwise you just uploaded a file which went into a bitbucket, but you have no way of pulling this file out of said bitbucket in a way that can cause harm to either the application or its users.

Should YouTube restrict file uploads to known valid mime types? Sure, but that's only how you got the data in there to begin with. It's what happens after the data is in that will make all the difference.

On Mon, Mar 17, 2014 at 10:47 AM, Mario Vilas <mvilas () gmail com> wrote:
> On Mon, Mar 17, 2014 at 2:25 PM, T Imbrahim <TImbrahim () techemail com> wrote:
>
>> I definitely would patch my computer if I discovered that somebody could upload files to my computer, even though if couldn't 'probe' them.
>
> 1) I don't think you understood the meaning of the word "probe" in this context, Nikolas,
> 2) Does that mean you believe Dropbox is vulnerable to remote file upload too?
>
> --
> “There's a reason we separate military and the police: one fights the enemy of the state, the other serves and protects the people. When the military becomes both, then the enemies of the state tend to become the people.”
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

--
“If debugging is the process of removing software bugs, then programming must be the process of putting them in.” - *Edsger Dijkstra*