Freebox Server (Ultra V9/ Pop V8/ Delta V7 / Revolution V6 / Mini 4K)

  • État Fermée
  • Pourcentage achevé
    100%
  • Type Anomalie
  • Catégorie Freebox OS → API
  • Assignée à Personne
  • Système d'exploitation Tous
  • Sévérité Haute
  • Priorité Très Basse
  • Basée sur la version 3.0.2
  • Due pour la version Non décidée
  • Échéance Non décidée
  • Votes
  • Privée
Concerne le projet: Freebox Server (Ultra V9/ Pop V8/ Delta V7 / Revolution V6 / Mini 4K)
Ouverte par Benoit934 - 20/02/2015
Dernière modification par rfliedel - 20/02/2015

FS#16318 - Faille de découverte de code ??

Voilà le retour que j’ai eu sur la page : http://mafreebox.freebox.fr/api/v1/login/authorize/N

{”success”:true,”result”:{”status”:”granted”,”challenge”:[”var _heldx = { _zxaw: ‘Mnctpig’ }; _heldx._zxaw.charAt(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%30%2E%36%30%29%20%2B%20%30%20%2D%20%31’)))”,”var _puozv = { _fcrs: ‘_kvfrav’ }; _puozv._fcrs.charAt(eval(unescape(’%33’)))”,”var _dqloymg = ‘_lgqm’;var _qrirhfm = new RegExp(_dqloymg.charAt(eval(unescape(’%30’))), ‘g’);String.fromCharCode(_dqloymg.replace(_qrirhfm, ‘C’).charCodeAt(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%30%2E%36%36%29%20%2B%20%30%20%2D%20%31’))))”,”decodeURIComponent(’%’ + (eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%34%38%2E%36%39%29%20%2B%20%38%20%2D%20%31’))).toString(eval(unescape(’%76%61%72%20%5F%62%63%79%73%20%3D%20%7B%20%5F%71%6D%62%64%77%64%3A%20%31%34%20%7D%3B%20%5F%62%63%79%73%2E%5F%71%6D%62%64%77%64%20%2B%20%32’))))”,”var _yywc = ‘_znbmmj’;var _nhrv = new RegExp(_yywc.charAt(eval(unescape(’%76%61%72%20%5F%6F%6D%72%72%72%73%71%20%3D%20%7B%20%5F%6B%6B%68%76%66%63%79%3A%20%31%20%7D%3B%20%5F%6F%6D%72%72%72%73%71%2E%5F%6B%6B%68%76%66%63%79%20%2B%20%35’))), ‘g’);String.fromCharCode(_yywc.replace(_nhrv, ‘l’).charCodeAt(eval(unescape(’%76%61%72%20%5F%6E%6C%68%6D%63%6C%6E%68%20%3D%20%31%3B%76%61%72%20%5F%78%71%71%71%72%20%3D%20%30%3B%76%61%72%20%5F%63%72%67%6C%6F%74%20%3D%20%27%5F%6B%72%78%71%7A%27%3B%5F%6E%6C%68%6D%63%6C%6E%68%20%2A%20%5F%63%72%67%6C%6F%74%2E%6C%65%6E%67%74%68%20%2B%20%5F%78%71%71%71%72’))))”,”decodeURIComponent(’%’ + (eval(unescape(’%28%28%37%32%20%2A%20%38%20%2D%20%32%38%38%29%20%2F%20%34%29’))).toString(eval(unescape(’%31%36’))))”,”decodeURIComponent(’%’ + (eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%32%30%2E%39%38%29%20%2B%20%33%33%20%2D%20%31’))).toString(eval(unescape(’%28%28%31%36%20%2A%20%33%36%20%2D%20%32%38%38%29%20%2F%20%31%38%29’))))”,”‘z’“,”var _fdhrsh = ‘_plwvdls’;var _xdnzcu = new 
RegExp(_fdhrsh.charAt(eval(unescape(’%76%61%72%20%5F%63%68%75%6E%7A%65%20%3D%20%30%3B%76%61%72%20%5F%78%71%66%6B%72%68%61%20%3D%20%37%3B%76%61%72%20%5F%70%6D%6D%73%64%7A%6E%77%20%3D%20%27%5F%67%6E%6C%76%61%72%72%27%3B%5F%63%68%75%6E%7A%65%20%2A%20%5F%70%6D%6D%73%64%7A%6E%77%2E%6C%65%6E%67%74%68%20%2B%20%5F%78%71%66%6B%72%68%61’))), ‘g’);String.fromCharCode(_fdhrsh.replace(_xdnzcu, ‘A’).charCodeAt(eval(unescape(’%37’))))”,”‘z’“,”var _yetaqy = ‘_fjsne’;var _frxwdgog = new RegExp(_yetaqy.charAt(eval(unescape(’%76%61%72%20%5F%72%61%78%6F%20%3D%20%30%3B%76%61%72%20%5F%65%76%65%6D%20%3D%20%33%3B%76%61%72%20%5F%78%74%6F%72%66%74%63%20%3D%20%27%5F%72%6F%6C%77%63%74%66%27%3B%5F%72%61%78%6F%20%2A%20%5F%78%74%6F%72%66%74%63%2E%6C%65%6E%67%74%68%20%2B%20%5F%65%76%65%6D’))), ‘g’);String.fromCharCode(_yetaqy.replace(_frxwdgog, ‘v’).charCodeAt(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%33%2E%39%38%29%20%2B%20%30%20%2D%20%31’))))”,”var _ddjxrrmi = ‘_eamsplg’;var _wzuikda = new RegExp(_ddjxrrmi.charAt(eval(unescape(’%76%61%72%20%5F%6A%64%78%62%20%3D%20%30%3B%76%61%72%20%5F%62%6B%62%6B%68%74%20%3D%20%33%3B%76%61%72%20%5F%7A%78%6F%65%6D%20%3D%20%27%5F%63%78%68%71%69%77%76%78%27%3B%5F%6A%64%78%62%20%2A%20%5F%7A%78%6F%65%6D%2E%6C%65%6E%67%74%68%20%2B%20%5F%62%6B%62%6B%68%74’))), ‘g’);String.fromCharCode(_ddjxrrmi.replace(_wzuikda, ‘G’).charCodeAt(eval(unescape(’%76%61%72%20%5F%76%78%71%62%75%66%7A%20%3D%20%7B%20%5F%63%66%62%78%3A%20%32%20%7D%3B%20%5F%76%78%71%62%75%66%7A%2E%5F%63%66%62%78%20%2B%20%31’))))”,”decodeURIComponent(’%’ + (eval(unescape(’%76%61%72%20%5F%6B%62%62%6D%71%73%6E%69%20%3D%20%7B%20%5F%65%74%6B%69%65%6C%3A%20%34%36%20%7D%3B%20%5F%6B%62%62%6D%71%73%6E%69%2E%5F%65%74%6B%69%65%6C%20%2B%20%39’))).toString(eval(unescape(’%76%61%72%20%5F%79%65%68%79%69%75%7A%20%3D%20%7B%20%5F%68%79%7A%6E%3A%20%30%20%7D%3B%20%5F%79%65%68%79%69%75%7A%2E%5F%68%79%7A%6E%20%2B%20%31%36’))))”,”‘f’“,”var _naau = { _zbeuzrue: ‘_pajVta’ }; _naau._zbeuzrue.charAt(eval(unescape(’%34’)))”,”var 
_mabd = ‘_bsvtpa’;var _mccjr = new RegExp(_mabd.charAt(eval(unescape(’%76%61%72%20%5F%74%67%63%6B%20%3D%20%30%3B%76%61%72%20%5F%78%72%71%61%20%3D%20%31%3B%76%61%72%20%5F%6C%6C%62%70%6F%20%3D%20%27%5F%77%75%72%64%6D%74%76%27%3B%5F%74%67%63%6B%20%2A%20%5F%6C%6C%62%70%6F%2E%6C%65%6E%67%74%68%20%2B%20%5F%78%72%71%61’))), ‘g’);String.fromCharCode(_mabd.replace(_mccjr, ‘1’).charCodeAt(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%30%2E%39%36%29%20%2B%20%31%20%2D%20%31’))))”,”var _iwgs = ‘_jsadlz’;var _yirdzd = new RegExp(_iwgs.charAt(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%31%2E%36%35%29%20%2B%20%31%20%2D%20%31’))), ‘g’);String.fromCharCode(_iwgs.replace(_yirdzd, ‘6’).charCodeAt(eval(unescape(’%28%28%32%20%2A%20%33%34%20%2D%20%33%34%29%20%2F%20%31%37%29’))))”,”var _wabt = { _ytdhuux: ‘_rzkzjj’ }; _wabt._ytdhuux.charAt(eval(unescape(’%34’)))”,”‘K’“,”var _trimzgf = ‘_wpjlqcc’;var _rbrvkig = new RegExp(_trimzgf.charAt(eval(unescape(’%33’))), ‘g’);String.fromCharCode(_trimzgf.replace(_rbrvkig, ‘X’).charCodeAt(eval(unescape(’%76%61%72%20%5F%6F%75%68%68%61%20%3D%20%30%3B%76%61%72%20%5F%73%71%78%64%68%79%66%7A%20%3D%20%33%3B%76%61%72%20%5F%74%67%6A%78%6A%20%3D%20%27%5F%6C%6A%6E%69%6E%62%74%6E%27%3B%5F%6F%75%68%68%61%20%2A%20%5F%74%67%6A%78%6A%2E%6C%65%6E%67%74%68%20%2B%20%5F%73%71%78%64%68%79%66%7A’))))”,”var _hwwhun = { _dwluuo: ‘_tqjopm6’ }; _hwwhun._dwluuo.charAt(eval(unescape(’%76%61%72%20%5F%71%78%6D%6F%63%20%3D%20%31%3B%76%61%72%20%5F%61%68%6A%69%6C%65%61%6D%20%3D%20%32%3B%76%61%72%20%5F%61%78%79%65%65%6A%6F%20%3D%20%27%5F%71%65%6C%6E%27%3B%5F%71%78%6D%6F%63%20%2A%20%5F%61%78%79%65%65%6A%6F%2E%6C%65%6E%67%74%68%20%2B%20%5F%61%68%6A%69%6C%65%61%6D’)))”,”decodeURIComponent(’%’ + (eval(unescape(’%28%28%36%37%20%2A%20%35%30%20%2D%20%31%36%37%35%29%20%2F%20%32%35%29’))).toString(eval(unescape(’%31%36’))))”,”var _zoda = ‘_wmcccep’;var _rehijoiw = new 
RegExp(_zoda.charAt(eval(unescape(’%76%61%72%20%5F%74%75%61%67%20%3D%20%31%3B%76%61%72%20%5F%78%63%68%67%77%65%78%76%20%3D%20%30%3B%76%61%72%20%5F%69%64%6B%6C%6A%69%66%20%3D%20%27%5F%75%6C%75%74%7A%27%3B%5F%74%75%61%67%20%2A%20%5F%69%64%6B%6C%6A%69%66%2E%6C%65%6E%67%74%68%20%2B%20%5F%78%63%68%67%77%65%78%76’))), ‘g’);String.fromCharCode(_zoda.replace(_rehijoiw, ‘g’).charCodeAt(eval(unescape(’%76%61%72%20%5F%72%61%7A%6E%20%3D%20%30%3B%76%61%72%20%5F%78%78%73%7A%65%69%20%3D%20%36%3B%76%61%72%20%5F%72%6D%6C%69%64%75%6D%6E%20%3D%20%27%5F%7A%6F%73%6E%6F%6E%7A%6D%27%3B%5F%72%61%7A%6E%20%2A%20%5F%72%6D%6C%69%64%75%6D%6E%2E%6C%65%6E%67%74%68%20%2B%20%5F%78%78%73%7A%65%69’))))”,”var _trrhqlxa = { _qtgbe: ‘rrbsclc’ }; _trrhqlxa._qtgbe.charAt(eval(unescape(’%76%61%72%20%5F%70%66%74%61%64%74%20%3D%20%7B%20%5F%78%6A%6D%70%3A%20%30%20%7D%3B%20%5F%70%66%74%61%64%74%2E%5F%78%6A%6D%70%20%2B%20%30’)))”,”decodeURIComponent(’%’ + (eval(unescape(’%76%61%72%20%5F%73%63%74%76%61%6B%20%3D%20%31%38%3B%76%61%72%20%5F%72%67%76%70%20%3D%20%33%3B%76%61%72%20%5F%6E%72%63%6F%76%72%75%20%3D%20%27%5F%65%61%79%6C%69%27%3B%5F%73%63%74%76%61%6B%20%2A%20%5F%6E%72%63%6F%76%72%75%2E%6C%65%6E%67%74%68%20%2B%20%5F%72%67%76%70’))).toString(eval(unescape(’%4D%61%74%68%2E%72%6F%75%6E%64%28%36%2E%38%35%29%20%2B%20%31%30%20%2D%20%31’))))”,”var _hree = ‘_zonqf’;var _ihvd = new RegExp(_hree.charAt(eval(unescape(’%76%61%72%20%5F%67%79%6B%66%20%3D%20%30%3B%76%61%72%20%5F%72%66%74%6F%65%6A%20%3D%20%30%3B%76%61%72%20%5F%74%68%78%79%64%66%20%3D%20%27%5F%64%65%65%7A%27%3B%5F%67%79%6B%66%20%2A%20%5F%74%68%78%79%64%66%2E%6C%65%6E%67%74%68%20%2B%20%5F%72%66%74%6F%65%6A’))), ‘g’);String.fromCharCode(_hree.replace(_ihvd, ‘Z’).charCodeAt(eval(unescape(’%28%28%30%20%2A%20%31%30%20%2D%20%30%29%20%2F%20%35%29’))))”,”‘j’“,”var _iznsvu = { _qeiabb: ‘_wzgdvsnf’ }; _iznsvu._qeiabb.charAt(eval(unescape(’%32’)))”,”decodeURIComponent(’%’ + 
(eval(unescape(’%28%28%36%38%20%2A%20%32%36%20%2D%20%38%38%34%29%20%2F%20%31%33%29’))).toString(eval(unescape(’%28%28%31%36%20%2A%20%35%30%20%2D%20%34%30%30%29%20%2F%20%32%35%29’))))”,”‘3’“,”var _bpaugoya = { _aogt: ‘_luhsksop’ }; _bpaugoya._aogt.charAt(eval(unescape(’%76%61%72%20%5F%63%70%62%6A%74%73%20%3D%20%7B%20%5F%74%67%6F%64%77%66%6C%68%3A%20%32%20%7D%3B%20%5F%63%70%62%6A%74%73%2E%5F%74%67%6F%64%77%66%6C%68%20%2B%20%31’)))”,”decodeURIComponent(’%’ + (eval(unescape(’%28%28%39%37%20%2A%20%33%30%20%2D%20%31%34%35%35%29%20%2F%20%31%35%29’))).toString(eval(unescape(’%31%36’))))”],”password_salt”:”CENSURED”}}

Cela se reproduit à chaque requête et ressemble bien à une faille, mais ce soir j’ai vraiment la flemme de chercher plus loin et je ne pense pas qu’il y ait besoin de proof of concept dans tous les cas.

Cordialement.

Fermée par  rfliedel
20.02.2015 13:21
Raison de la fermeture :  Ticket invalide
Commentaires de fermeture :  

c'est normal
