07-02-2025, 10:48 AM
Hello FEMBOYS and GENTLEMANS, today we will be discussing a vulnerability I found in larmacussmall.org!
I don't know if this vulnerability fits into the SSRF (server-side request forgery) or information disclosure.
So basically the proxy.php (PHP file that proxies external content) appears to:
1. Send a proxied request to the external content (to cache it)
2. When a user loads up on a page with the image, instead of their request going through proxy.php, it goes through unproxied.
NOTE: This is only a speculation I made while looking at the site through Burp Suite
Therefore, by opening a user profile / opening a thread with malicious replies, the attackers have your:
- User agent (browser information)
- IP (internet a.. yeah you know what this is)
This is probably going to be fixed soon due to this thread (also the exploit is very inconsistent)
Don't worry, I'm currently testing .org. I will let you guys know about other findings
"I develop xkeyscore."
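
Added example, not part of the original post or the site's own code: a check a forum operator could run over rendered post HTML to confirm that every automatically loaded resource is served from the site itself (for instance through its proxy endpoint) rather than fetched directly by the visitor's browser. The origin `https://forum.example`, the `proxy.php?url=` parameter and the sample markup are assumptions made up for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Assumption: placeholder origin, not the site named in the post.
SITE_ORIGIN = "https://forum.example"

# Tag/attribute pairs a browser fetches without any user interaction.
AUTO_FETCH = {("img", "src"), ("video", "src"), ("video", "poster"),
              ("audio", "src"), ("source", "src"), ("embed", "src"),
              ("iframe", "src")}


class DirectFetchAuditor(HTMLParser):
    """Collects resources the viewer's browser would request off-site."""

    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.site_host = urlsplit(SITE_ORIGIN).hostname
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if (tag, name) not in AUTO_FETCH or not value:
                continue
            # Resolve relative and protocol-relative (//host/x) references.
            target = urlsplit(urljoin(self.page_url, value.strip()))
            if target.scheme not in ("http", "https"):
                continue  # data: and similar schemes cause no network request
            if target.hostname != self.site_host:
                # The third-party host would see the viewer's IP and User-Agent.
                self.findings.append((tag, value.strip()))


def audit(html, page_url=SITE_ORIGIN + "/thread/1"):
    auditor = DirectFetchAuditor(page_url)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample of rendered post HTML (not captured from any real site).
SAMPLE = """
<div class="post">
  <img src="/proxy.php?url=https%3A%2F%2Fthird-party.example%2Fa.png">
  <img src="https://third-party.example/b.png">
  <img src="//third-party.example/c.png" />
  <img src="data:image/gif;base64,R0lGODlhAQABAAAAACw=">
  <img src="/images/smiley.png">
</div>
"""
```

An empty result from `audit()` means no embedded resource on the page makes the browser contact a third-party host directly; it does not cover `srcset`, CSS `url()` references or script-driven loads.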