B2evo Dev Blog Personal World Issues

Developer Blog

My rambles, thoughts, and developments, for everything to do with web development

WebCT 4.x Javscript Session Stealer Exploits

Wednesday, Mar 05th, 2008

PermalinkCategories: Documents   English (AU)

WebCT 4.x Javscript Session Stealer Exploits

214 words, 2144 views, 05:51:34 pm. 
 

WebCT 4.x Javascript Session Stealer Exploits

Software: WebCT Campus Edition 4.x (http://secunia.com/product/3280/)
Affected Version: 4.1.5.8
Discoverer: Benjamin “balupton” Lupton
Date Discovered: November 2005
Date Reported: 25/06/2007
Software Author Contacted (again) on: 20/07/2007
Date Published: 05/03/2008

Published At:
http://www.balupton.com/blogs/dev?title=webct_session_stealer_exploit
http://www.balupton.com/documents/webct_exploits.txt
http://seclists.org/fulldisclosure/2008/Mar/0051.html
http://www.securityfocus.com/bid/28107/info
http://secwatch.org/advisories/1020585/
http://secunia.com/advisories/29227/

Attack Type:
Javascript Session Stealer Exploit.

Description:
Mail & Discussion Board messages are not properly checked for javascript, allowing javascript to perform a session stealing attack (allowing the attacker to be logged in as the victim).

Tested On:
Attacks were tested fully on eCentral TAFE’s WebCT System in November 2005 (with permission of staff),
and again on Curtin University’s WebCT System in June 2006 (but this time only to see if the javascript will run).

Action Taken:
Contacted TAFE lecturers and administrators, who didn’t really care.
Contacted WestOne multiple times, but never recieved any response.
Then contacted Secunia, which would not publish as the discoverer did not own their own copy of the software in question.
Published as WebCT is being phased out, with Blackboard being the replacement.

Steps:

Read the full report here: http://www.balupton.com/documents/webct_exploits.txt

Leave a commentTrackback (0)Permalink
Emailbalupton

Developer Blog

Developer Blog

Here you can find information on projects that I have worked on, complexities and solutions to problems I have faced, beneficial information like tips n' tricks that I find fit, and anything else that is remotely related.

For anything b2evo related, check here.

February 2010
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28

Search




Categories

Archives

Choose skin

Linkblog

General

Blogs

  • Permalink37Signals Blog

    Brilliant blog that provides professional posts about the industry and things to help you improve.

  • PermalinkAjaxian

    DHTML for the 21st century, Driving up web developer wages world-wide, The Web Renaissance is here, Because you need to have the coolest rounded corners.

  • PermalinkJohn Resig

    John Resig is a JavaScript Evangelist for the Mozilla Corporation and the author of the book ‘Pro Javascript Techniques.’ He’s also the creator and lead developer of the jQuery JavaScript library. He’s currently located in Boston, MA.

  • PermalinkNeowin (Tech Journalism)

    The main site I use to get all my tech news. It also has a great forum.

Services / Products

  • PermalinkAptana Studio

    Why? Aptana Studio offers unparalleled tooling for Ajax including HTML, CSS, DOM, and JavaScript editing and debugging, plus support via additional free plugins for PHP, Ruby on Rails, Adobe AIR, Apple iPhone development.

  • PermalinkFacebook

    The next big thing on the web. A Social Networking Revolution. It has a great dev api allowing you to build applications for it.

  • PermalinkFirefox Extension: Adblock Plus

    Blocks all adverts.

  • PermalinkFirefox Extension: Edit Cookies

    Lets you view, create, and edit cookies.

  • PermalinkFirefox Extension: Firebug

    Lets me debug my javascript work, and inspect the DOM of a website easily.

  • PermalinkFirefox Extension: Greasemonkey

    Lets you make (or install other) javascript scripts that are attached to specified pages. Mainly used to change the display of a page to your liking “permanently".

  • PermalinkFirefox Extension: Html Validator

    When viewing the html source of the page, it highlights the code, displays validation information (and suggested fixes) for lines with problems, as well as a “cleanup” button that fixes everything.

  • PermalinkFirefox Extension: Quick Java

    Provides two little buttons in the status bar which you can click to turn on or off java and javascript.

  • PermalinkFirefox Extension: Tab Mix Plus

    Allows me to make tabs behave and display exactly the way I want them to.

  • PermalinkFirefox Extension: Tamper Data

    Lets you easily modify and view data within page request headers as they are happening. You can also allow or deny requests. Great for hacking.

  • PermalinkFirefox Extension: User Agent Switcher

    Lets you easily switch your user agent to another inside firefox. You can also create your own user agent headers.

  • PermalinkFirefox Extension: Web Developer

    Provides a lot of functions and things that you can use to help with the website development process.

  • PermalinkGoogle Personalized Home

    Keeps me up to date with all I care about in my chosen theme.

  • PermalinkjQuery (Javascript Library)

    jQuery is a fast, concise, JavaScript Library that simplifies how you traverse HTML documents, handle events, perform animations, and add Ajax interactions to your web pages. jQuery is designed to change the way that you write JavaScript.

  • PermalinkMicrosoft Windows Live Messenger

    How I chat with my peers.

Misc

XML Feeds

What is RSS?