![]() If (file_exists(APPPATH.'config/config.php') & is_null(Yii::app()->request->getPost('InstallerConfigForm'))) ',"."\n" įile_put_contents(APPPATH.'config/config.php', $sConfig) * installation should proceed further or not. * Based on existance of 'sample_installer_file.txt' file, check if However, the way LimeSurvey implements that restriction is a big surprise: /** The vulnerabilityįor most web applications, once installed, it is reasonable that you should be restricted to access the installer of the application again. With that belief in mind, I quickly grabbed its source code and started auditing, only to realize later that my assumption turned out to be wrong. I thought to myself that for an uncommon software like this, it should take no more than 5 minutes to find a RCE. The reason was pretty simple: LimeSurvey is a name I had never heard of before. A day in 2018, I was participating in a bug bounty program, and this target caught my attention: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |