I found a security bug in ManiaFlash.
I can post on any maniaflash if I want (see edit, seems not all). I opened a maniaflash article on the maniahome screen. Then type in Maniaflash in the manialink browser and click on my channels. You can see the channels from the owner of the article you clicked on the ManiaHome screen.
Nadeo team, please PM me for the details about where it is possible. I will reply with the channel + messageid used.
EDIT: Only got it working with one specific maniaflash channel for some reason. The only thing I can see is that there are some more parameters added to the link in the browser (code and manialib-sid, sometimes also nonce).
Happy new year,
Toffe
[SECURITY!!] ManiaFlash Security bug
Moderator: NADEO
- toffe
ManiaCalendar: http://maniacalendar.com / manialink
ManiaCDN: topic
PyPlanet: Python Server Controller
Re: [SECURITY!!] ManiaFlash Security bug
It seems that you have been the victim (or perpetrator :p) of a session hijacking: if a player shares his session ID in the URL (when he has cookies turned off) and then shares the URL, you can inherit his session.
There are a few things that we can, and will, do. Thanks for the report.
ManiaPlanet technical documentation portal (Dedicated, ManiaLink, ManiaScript, Titles...) -- contribute!
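A server-side check for the situation described in the reply above, added here as an example and not part of the original posts or Nadeo's code: it flags session IDs that arrive in the URL from more than one client address, and strips the ID from a URL before it is logged or shared. Treating `manialib-sid` as the session parameter and the shape of the request records are assumptions; the sample requests are constructed.

```python
from collections import defaultdict
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Parameter name taken from the first post; treating it as the session
# identifier is an assumption of this example.
SESSION_PARAM = "manialib-sid"

# Constructed sample requests: (client address, requested URL).
SAMPLE_REQUESTS = [
    ("198.51.100.7", "/maniaflash/channels?manialib-sid=aaa111&code=x1"),
    ("198.51.100.7", "/maniaflash/post?manialib-sid=aaa111"),
    ("203.0.113.9", "/maniaflash/channels?manialib-sid=bbb222"),
    ("192.0.2.44", "/maniaflash/channels?manialib-sid=aaa111&code=x1"),
    ("192.0.2.44", "/maniaflash/index"),
]


def session_id_from_url(url):
    """Return the session ID carried in the query string, or None."""
    for key, value in parse_qsl(urlsplit(url).query, keep_blank_values=True):
        if key == SESSION_PARAM and value:
            return value
    return None


def find_shared_sessions(requests):
    """Return {session_id: [clients]} for IDs presented by several clients.

    Several addresses for one ID is a signal to review (or to force a new
    login), not proof of hijacking: a client can legitimately change address.
    """
    clients = defaultdict(set)
    for client, url in requests:
        sid = session_id_from_url(url)
        if sid is not None:
            clients[sid].add(client)
    return {sid: sorted(seen) for sid, seen in clients.items() if len(seen) > 1}


def redact_session_id(url):
    """Drop the session parameter so the URL is safe to log or share."""
    parts = urlsplit(url)
    kept = [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k != SESSION_PARAM]
    return urlunsplit(parts._replace(query=urlencode(kept)))


if __name__ == "__main__":
    for sid, seen in find_shared_sessions(SAMPLE_REQUESTS).items():
        print(f"session {sid} presented by {len(seen)} clients: {seen}")
```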