A few months ago, during a routine security assessment, I uncovered a significant cross-site scripting (XSS) vulnerability in the ASUS Laravel Ignition debugging tool. This vulnerability, identified as R-XSS, posed a high risk due to the potential for unauthorized script execution in users’ browsers. Here’s how I discovered and explored this vulnerability.
While examining the target, I noticed that the Laravel Ignition debug mode was enabled on adam.asus.com, and the endpoint was vulnerable to XSS. The vulnerability was exposed through the following URL:
Vulnerable URL: http://adam.asus.com/_ignition/scripts/--%3E%3Csvg%20onload=alert('cappriciosec.com')%3E
When accessing this URL, the embedded script was executed in the user’s browser, confirming the presence of an XSS vulnerability.
Bug Name: R-XSS
Bug Priority: High
Vulnerable URL: http://adam.asus.com/_ignition/scripts/--%3E%3Csvg%20onload=alert('cappriciosec.com')%3E
The impact of this XSS vulnerability depends on the application’s context and the privileges of the compromised user. For example:
Minimal Impact: In applications with public information, the impact might be negligible.
Serious Impact: In applications handling sensitive data, such as financial transactions or healthcare records, the impact could be severe, allowing unauthorized access to private information.
Critical Impact: If a user with elevated privileges is compromised, the attacker could gain full control of the application, affecting all users and data.
To confirm the vulnerability, follow these steps:
Access the Vulnerable URL: Open the URL in your browser: http://adam.asus.com/_ignition/scripts/--%3E%3Csvg%20onload=alert('cappriciosec.com')%3E
Observe the Script Execution: The script will execute in your browser, displaying an alert with the text cappriciosec.com.
To streamline the process, I built a Python tool specifically for detecting this vulnerability. You can install it using pip and automate your testing:
ToolPOC: laravel-ignition-rxss on github
pip install laravel-ignition-rxss
laravel-ignition-rxss --chatid <YourTelegramChatID>
To Check a Single URL:
laravel-ignition-rxss -u http://mytargetprogram.com
To Check a List of URLs:
laravel-ignition-rxss -i urls.txt
To mitigate this vulnerability, it is essential to disable debug mode by setting APP_DEBUG to false in the environment configuration. This will prevent unauthorized script execution and protect users from potential XSS attacks.
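A defender-side check to go with the mitigation, added here as an example (it is not part of the original post or of the laravel-ignition-rxss tool): it scans web access logs for requests under /_ignition/ and reports whether each one was served and whether its decoded path carries markup. The combined log format, the function names, the rule that a 2xx status means the debug route is reachable, and the sample log lines are assumptions made for this example.

```python
import re
from urllib.parse import unquote

# Request and status fields of a common/combined-format access log line (assumed format).
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Angle brackets or an inline event handler in a decoded path indicate injected markup.
MARKUP_RE = re.compile(r"[<>]|\bon\w+\s*=", re.IGNORECASE)

def classify(line):
    """Return None for unrelated lines, else a finding for an /_ignition/ request."""
    m = LOG_RE.search(line)
    if not m:
        return None
    raw_path = m["target"].split("?", 1)[0]
    # Decode twice so double-encoded input (%253C -> %3C -> <) is also caught.
    path = unquote(unquote(raw_path))
    if not path.lower().startswith("/_ignition/"):
        return None
    status = int(m["status"])
    return {
        "target": m["target"],
        "status": status,
        # Assumption: a 2xx answer means the debug route is reachable (APP_DEBUG still on).
        "served": 200 <= status < 300,
        "markup_in_path": bool(MARKUP_RE.search(path)),
    }

def scan(lines):
    """Collect findings for every /_ignition/ request in an iterable of log lines."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation IP range), not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2024:10:00:00 +0000] "GET /_ignition/scripts/--%3E%3Csvg%20onload=alert('cappriciosec.com')%3E HTTP/1.1" 200 512 "-" "-"
203.0.113.8 - - [10/Jan/2024:10:00:05 +0000] "GET /_ignition/health-check HTTP/1.1" 404 153 "-" "-"
203.0.113.9 - - [10/Jan/2024:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "-"
203.0.113.7 - - [10/Jan/2024:10:00:12 +0000] "GET /_ignition/scripts/%253Csvg%253E HTTP/1.1" 404 153 "-" "-"
"""

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        state = "SERVED (check APP_DEBUG)" if hit["served"] else "blocked"
        print(f'{hit["status"]} {state} markup={hit["markup_in_path"]} {hit["target"]}')
```

Any finding with served set to True on a production host is worth an alert on its own, since it shows the debug routes are still answering.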
POC by: @karthithehacker
Mail: contact@karthithehacker.com
Website: https://www.karthithehacker.com/
Twitter: https://twitter.com/karthithehacker
Instagram: https://www.instagram.com/karthithehacker/
LinkedIn: https://www.linkedin.com/in/karthikeyan--v/
Github : https://github.com/karthi-the-hacker/
npmjs: https://www.npmjs.com/~karthithehacker
Youtube: https://www.youtube.com/@karthi_the_hacker
Thank you