[SECURITY!!] ManiaFlash Security bug

Discuss all the publishing tools, including ManiaHome, ManiaPub, ManiaFlash and ManiaPress in this forum

Moderator: NADEO

Post Reply
User avatar
toffe
Posts: 782
Joined: 15 Jun 2013, 10:57
Manialink: maniaflash?toffe
Location: The Netherlands
Contact:
Contact toffe

[SECURITY!!] ManiaFlash Security bug

Post by toffe »

I found a security bug in ManiaFlash. :shock:

I can post on any maniaflash if i want (see edit, seems not all). I opened a maniaflash article on the maniahome screen. Then type in Maniaflash in the manialink browser and click on my channels. You can see the channels from the owner of the article you clicked on the ManiaHome screen.

Nadeo team, please pm me for the details about where it is possible. I wil reply the channel + messageid used.

EDIT: Only got it working by one specific maniaflash channel for some reason. The only thing I can see that there are adde some more parameters to the link in the browser. (code and manialib-sid sometimes also nonce).

Happy new year,
Toffe
Top
User avatar
magnetik
Nadeo
Nadeo
Posts: 1678
Joined: 01 Feb 2012, 19:13
Location: Bordeaux
Contact:
Contact magnetik

Re: [SECURITY!!] ManiaFlash Security bug

Post by magnetik »

It seems that you have been victim (or perpetrator :p) of a session hijacking : if a player shares his session ID in the url (when he has cookies turned off) and then share the URL, you can inherit his session.

There are a few thing that we can, and will, do. Thanks for the report :thumbsup:
ManiaPlanet technical documentation portal (Dedicated, ManiaLink, ManiaScript, Titles...) -- contribute!
Top
Post Reply

Return to “Ingame Publishing”

Who is online

Users browsing this forum: No registered users and 1 guest