This topic contains 1 reply, has 1 voice, and was last updated by 
-
Posts
-
Hello,
I am undergoing a skills aptitude test and need some help.
This is the code I was provided:fn get_doc(fileName: String) -> String { let fileName = "./Documents".to_string() + &fileName; let fileName = str::replace(&fileName, "./", "//"); let fileName = str::replace(&fileName, "..//", "");I have deduced that this is written with Rust because of how the function is declared, but when looking up str::replace(), this appears to be written with Kirby ( but it’s not ). Hastebin saves it as a javascript file, but this isn’t how Javascript declares functions. What language is this?
Moving on, trying to pick this apart to find the vulnerabilities. The first line of the get_doc() function appends the contents of fileName to the directory making this file path:workingDirectory/Documents/fileName
The next two lines are presumably input sanitizing, removing parent directory path calls and changing them to working directory calls.
Possibly there is a vulnerability using the escape character to bypass input sanitation? If so, I can not think of how to conduct a proof of concept for this.Do you know what the language is? Do you see any vulnerabilities in this code? Is this client-side or server-side?
I would like to add that I consider this to be method vulnerable to Directory Traversal. Now I just need to think of an input that would result in unexpected output. In addition, the code doesn’t do any input sanitation for file types, so a user could exploit this method for accessing documents or executing malicious scripts. In addition, a user could enter a blank input and this would run the
Documentsscript. Am I correct?
You must be logged in to reply to this topic.