PtokaX forum

PtokaX => Bugs => Topic started by: Rahim on 15 October, 2011, 15:05:44

Title: PtokaX 0.4.2.0 Win32 GUI => path traversal, read files, execute files
Post by: Rahim on 15 October, 2011, 15:05:44
http://www.1337day.com/exploits/17064
Title: Re: PtokaX 0.4.2.0 Win32 GUI => path traversal, read files, execute files
Post by: PPK on 15 October, 2011, 16:06:57
Fixed... but i don't count that as exploit. From Lua is possible to read and execute everything  :P
Title: Re: PtokaX 0.4.2.0 Win32 GUI => path traversal, read files, execute files
Post by: Rahim on 15 October, 2011, 16:42:19
its not exploit! :)

https://devilteam.pl/ptokax0.4.2.0.txt
Title: Re: PtokaX 0.4.2.0 Win32 GUI => path traversal, read files, execute files
Post by: bastya_elvtars on 15 October, 2011, 17:40:19
The first two PoC's contain:
Quotenow go to Settings "Scripts" tab

which requires access to the GUI itself. If you have access to the GUI, you have access to the whole OS, then why try via PtokaX? :)
Lua code execution (PoC3) also requires that you place the 'malicious' Lua code to the machine running PtokaX, which also requires privileges.
Title: Re: PtokaX 0.4.2.0 Win32 GUI => path traversal, read files, execute files
Post by: Rahim on 15 October, 2011, 17:50:06
 
Quote from: bastya_elvtars on 15 October, 2011, 17:40:19
The first two PoC's contain:
which requires access to the GUI itself. If you have access to the GUI, you have access to the whole OS, then why try via PtokaX? :)
Lua code execution (PoC3) also requires that you place the 'malicious' Lua code to the machine running PtokaX, which also requires privileges.

Yes but can be used to privileges escalation in local machine, PoC3:  if you have apache in server and some www/forum can upload evil lua code into server and run, or in linux run any file from /tmp