BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability

From: acz [iSecureLabs] (aurelien.cabezon@iSecureLabs.com)
Date: 08/22/01

• Previous message: David B. Harrison: "Cell phone access to email"
• In reply to: David B. Harrison: "Cell phone access to email"
• Next in thread: John Thornton: "RE: Cell phone access to email"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: "acz [iSecureLabs]" <aurelien.cabezon@iSecureLabs.com>
To: <vuln-dev@securityfocus.com>, <nt-securite@ossir.org>
Subject: BadBlue v1.02 beta for Windows 98, ME and 2000  .php Source Code Disclosure Vulnerability
Date: Wed, 22 Aug 2001 11:11:28 +0200
Message-ID: <GCEDJILAIFDLIEDHEIMPEEGNCJAA.aurelien.cabezon@iSecureLabs.com>

-- [ iSecureLabs BadBlue v1.02 beta for Windows 98, ME and 2000
Advisory ] --

BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure
Vulnerability
Problem discovered: 22/08/2001

-- [ Overview ] --

BadBlue http://badblue.com/ is a tiny, free download that lets you share
files, search other
PCs and even run powerful web applications.
Badblue support .php extension.
It is possible to retrieve full .php source code.

-- [ Description ] --

Badblue contains an input validation vulnerability which may lead to
download the full source code of .php pages.
This is due to a lack of checks for NULL bytes.

Exemple:
http://myBadBlue.com/test.php%00

Note: It is possible too to download .dll file used by BadBlue.

Exmeple:
http://myBadBlue.com/ext.dll%00

-- [ Tested Version ] --

BadBlue v1.02 beta for Windows 98, ME and 2000

-- [ Discovered by ] --

Cabezon Aurelien | aurelien.cabezon@iSecureLabs.com
http://www.iSecureLabs.com | French Security portal
http://www.isecurelabs.com/advisory/badblue.html

---

• Previous message: David B. Harrison: "Cell phone access to email"
• In reply to: David B. Harrison: "Cell phone access to email"
• Next in thread: John Thornton: "RE: Cell phone access to email"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages TR: BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability ... Subject: TR: BadBlue v1.02 beta for Windows 98, ME and 2000 .php Source Code Disclosure Vulnerability ... Here is the answer from the BadBlue Team: ... (Vuln-Dev) Re: free tool to encrypt php? ... Any free tool i can use to encrypt my php source code? ... Are you talking about something to shroud the variable names and ... My theory is program on the web like they can see your source code. ... Nobody can see your PHP code unless your server is mis-configured. ... (comp.lang.php) Re: OT: php doc served to client ... really the actual PHP source code rather than the rendered HTML, ... something is seriously, seriously fucked server-side. ... model precludes offering up source code to the cloud. ... (uk.rec.motorcycles) Re: OT: php doc served to client ... really the actual PHP source code rather than the rendered HTML, ... then something is seriously, seriously fucked server-side. ... (uk.rec.motorcycles) Re: OT: php doc served to client ... really the actual PHP source code rather than the rendered HTML, ... something is seriously, seriously fucked server-side. ... model precludes offering up source code to the cloud. ... (uk.rec.motorcycles)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > vuln-dev  > 2001-08