Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Bug reports, feature enhancements or other complaints with the site, with us or just tell us what a miserable existance you have. No death threats or poetry please. Just kidding, no poetry please. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Drupal, is it a real problem?
Posted by: dotnet_1
Date: February 01, 2009 04:01PM

hi everyone,

yesterday, when i was playiing around some friends website using drupal i've notice the following.
drupal have two options for mapping URL, the first uses the "?q=" in the querystring and the other just append "node" or the page name after the website adress directly.

in the second case iif we type for example http:// drupalsiteexample/someword, the webste will respond that the page doesn't exist and it will show the search page filled with "someword".

but it doesn't end here, it also maps the action of the search form to domething like this action="/someword"

so consider the following url http:// drupalsiteexample/http:// google.com, then the site will claim that google.com doesnt exist but it'll map the action of the search page to http:// google.com. (I tried it and it works).

what if we design a page that looks like a drupal admin page and then added its adress to drupal's URL and instructs sommeone (the admin evidently) to perform a serach...

well am not sure exactly how to implement such an attack, but do u think that such an attack is possible? and if yes, what kind of attack is that? and finally anyone can provide a complete senario of such attacks!!!

thanx very much all.

Options: ReplyQuote
Re: Drupal, is it a real problem?
Posted by: p0deje
Date: December 18, 2009 09:57AM

It maps not to http://google.com, but to /http://google.com.
So URL is to be internal and incomplete

---------
http://p0deje.blogspot.com

Options: ReplyQuote


Sorry, only registered users may post in this forum.