############################################################################### # Exploit Title : ntop, Web-based Traffic Analysis and Flow Collection tool reflected xss vulnerability # Author : Manish Kishan Tanwar # Vendor : httphttp://www.ntop.org # Date : 10/06/2014 #Discovered @ : INDISHELL Lab # Love to : zero cool,Team indishell,Hardeep Singh #email : manish.1046@gmail.com ############################################################################## //////////////////////// /// Overview: //////////////////////// ntop is Web-based Traffic Analysis and Flow Collection tool which is use to monitor network traffic. its web interface suffers from xss vulnerability. /////////////////////////////// // Vulnerability Description: /////////////////////////////// title paramter in link http://localhost:3000/plugins/rrdPlugin?action=list&key=interfaces/eth0&title=interface eth0 doesnt check for values before displaying them on web page because of which it is vulnerable to xss ////////////////////////////// /// Proof of Concept: - ////////////////////////////// here is the example url injected with simple xss payload http://localhost:3000/plugins/rrdPlugin?action=list&key=interfaces/eth0&title=interface eth0