alvinsiew / ldap-self-service
The purpose of the LDAPSS portal is to allow users to change their OpenLDAP password on their own. More services will be added in the future.
License: MIT License
The current code contains a severe security vulnerability which results in arbitrary shell command execution with the rights of the user running the service. If you follow the README's installation instructions, this is the root user, resulting in immediate total system compromise.
The problematic code is here: https://github.com/alvinsiew/ldap-self-service/blob/main/internal/web/web.go#L20-L21
cmd := "ldappasswd -H " + ldapADDR + " -x -D cn=" + u + "," + userDN + " -w " + op + " -s " + np
out, err := exec.Command("bash", "-c", cmd).Output()
If the attacker enters a new password containing a semicolon, everything following it is executed as bash commands. To validate: enter "whatever ; touch /tmp/hacked" as the new password (all other fields don't matter) and check that the file /tmp/hacked now exists.
Solution: Don't shell out for changing the password but use a Go LDAP library like https://pkg.go.dev/github.com/go-ldap/ldap/v3#Conn.PasswordModify instead.
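As an added illustration (not code from the ldap-self-service project), the following Go snippet puts the reported string concatenation next to the same invocation built as an argv slice: with no shell in the path, the `;` in the proof-of-concept password is just bytes inside one argument. The connection details are constructed placeholders; the argv form is shown only for contrast, since a password on argv is still visible in the process list, which is why the issue's actual recommendation is the LDAP Password Modify operation rather than ldappasswd.

```go
package main

import (
	"fmt"
	"os/exec"
)

// Constructed sample inputs: the proof-of-concept new password from the
// issue report plus placeholder connection details (not real values).
const (
	sampleLDAPAddr = "ldap://ldap.example.invalid"
	sampleUser     = "alice"
	sampleUserDN   = "ou=people,dc=example,dc=invalid"
	sampleOldPw    = "old-secret"
	samplePoCNewPw = "whatever ; touch /tmp/hacked"
)

// vulnerableCommandLine reproduces the string the reported code hands to
// `bash -c`. It is only returned here, never executed: with samplePoCNewPw
// the shell would treat `touch /tmp/hacked` as a second command.
func vulnerableCommandLine(ldapAddr, u, userDN, op, np string) string {
	return "ldappasswd -H " + ldapAddr + " -x -D cn=" + u + "," + userDN + " -w " + op + " -s " + np
}

// safeArgv builds the same invocation as an argv slice. Passed to
// exec.Command(argv[0], argv[1:]...) no shell parses it, so metacharacters
// in any value stay inside that single argument. (Still not the real fix:
// both passwords are readable in `ps` output while ldappasswd runs.)
func safeArgv(ldapAddr, u, userDN, op, np string) []string {
	return []string{"ldappasswd", "-H", ldapAddr, "-x", "-D", "cn=" + u + "," + userDN, "-w", op, "-s", np}
}

// echoArgvLiteral demonstrates the argv path with a harmless program: it runs
// printf(1) with the attacker-controlled string as one argument and returns
// exactly what printf received, metacharacters included, nothing executed.
func echoArgvLiteral(np string) (string, error) {
	out, err := exec.Command("printf", "%s", np).Output()
	return string(out), err
}

func main() {
	fmt.Println("vulnerable:", vulnerableCommandLine(sampleLDAPAddr, sampleUser, sampleUserDN, sampleOldPw, samplePoCNewPw))
	fmt.Printf("argv:       %q\n", safeArgv(sampleLDAPAddr, sampleUser, sampleUserDN, sampleOldPw, samplePoCNewPw))
	seen, err := echoArgvLiteral(samplePoCNewPw)
	fmt.Printf("printf saw: %q (err=%v)\n", seen, err)
}
```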
This looks great, but it would not help with the lost password problem.
Could you add the lost password via email
and another method you can modify, for example exec a tool that gets as a parameter a token (that was set as password by your software) and the other infos in the tree like mobile phone number .... you get the idea
so in my case I can then forward this token to the sendsms tool with the infos; you only have to document the parameters
ex. ldapss-<sms|email|....> -t token -p phone -e email -x ......
but mobile phone and email would be a great start.
wfg
Mario