Loading...

XML

Word

Printable

Type: Bug
Resolution: Not a bug
Priority: Major
Fix Version/s: None
Affects Version/s: 2.9.1
Component/s: Roles / Access
Labels:
- tablets

Affected Branches:
MOODLE_29_STABLE

Hi;
I can bypass login screen on moodle page via hijacked sessionID.

here is google dork: inurl:"/moodledata/sessions"
google link: https://www.google.com/#q=inurl:%22/moodledata/sessions%22

sample links:
http://www.wilbingashackscrew.com.au:48/moodledata/sessions/sess_foqkdecvkam829teijiunosrf2
http://www.wilbingashackscrew.com.au:48/moodledata/sessions/?C=S;O=D

POC:
https://drive.google.com/file/d/0B-LWHbwdK3P9SGtqSEppSG1JREU/view?usp=sharing
https://drive.google.com/file/d/0B-LWHbwdK3P9aW55a1hSY3ozVE0/view?usp=sharing

Regards.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

session hijacking moodle-1.docx
369 kB
28/May/20 1:45 PM

has been marked as being related by

MDL-51365 Session TTL set arbitrarily high

Closed

Assignee:: Unassigned

Reporter:: Ugur Cihan Koc

Participants:: Andrew Lyons, Dan Poltawski, David Mudrák (@mudrd8mz), Eloy Lafuente (stronk7), Eric Merrill, Himanshu Kandpal, Petr Skoda, Ugur Cihan Koc

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 08/Sep/15 5:56 AM

Updated:: 28/May/20 6:49 PM

Resolved:: 22/Sep/15 5:27 AM