Open alexanderflink opened 1 year ago

I noticed that Übersicht listens for commands sent to 127.0.0.1:41416/run and runs whatever shell commands are sent there. I am not very knowledgeable about computer security, but this seems like a security risk to me. Any program on my computer (including the browser) basically now has shell access.

As an example, I tried this command in the terminal:

```shell
curl -H "Origin: http://127.0.0.1:41416" -H "Host: 127.0.0.1:41416" -X POST 127.0.0.1:41416/run/ -d 'echo I have shell access'
```

and it works, which is worrying to me.

Can Übersicht function without having this command server? Or is this in fact not a security risk at all? If so, could you please explain why?

Thanks!

> including the browser

This part is not accurate. Try running this in your browser, even from http://127.0.0.1:41416:

```javascript
fetch('http://127.0.0.1:41416/run/', {
  method: 'POST',
  headers: {
    'Origin': 'http://127.0.0.1:41416',
    'Host': '127.0.0.1:41416',
    'Content-Type': 'application/x-www-form-urlencoded'
  },
  body: 'echo I have shell access'
});
```

Unless you are exposing port 41416 to the public, which you should definitely not have a reason to do, the only way for this server to be called is from a process running on your machine. If you have a malicious process running on your machine with network access, it probably already has what it needs to run arbitrary commands.

Maybe I'm missing something, but I don't think this is a big deal.
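To make the difference between the curl request and the browser fetch() concrete, here is an added example (not Übersicht's code and not from either commenter) that models which clients an Origin check actually constrains. It assumes, which the thread does not state, that the server's only check is that the request's Origin header equals its own origin; the forbidden-header behaviour modelled here is the Fetch standard's, under which a page may list `Origin` and `Host` in a fetch() call but the browser discards them and sends the real values.

```javascript
// Added example: why a web page cannot forge the Origin/Host headers that a
// local process (curl, any binary on the machine) can set freely.
//
// Per the Fetch standard these are "forbidden header names": the user agent
// silently drops them from fetch() and fills in the true values. Assumption for
// this model: the local command server runs a request only if its Origin
// header equals the server's own origin (the thread does not confirm this).

const FORBIDDEN_HEADER_NAMES = new Set([
  'origin', 'host', 'cookie', 'referer', 'content-length', 'connection', 'date',
]);

// What a browser actually puts on the wire for fetch(targetUrl, { headers }).
// pageOrigin is the origin of the page that runs the script.
function browserFetchHeaders(pageOrigin, requestedHeaders, targetUrl) {
  const sent = {};
  for (const [name, value] of Object.entries(requestedHeaders)) {
    const key = name.toLowerCase();
    if (!FORBIDDEN_HEADER_NAMES.has(key)) sent[key] = value; // forbidden ones vanish
  }
  sent.origin = pageOrigin;              // the page's real origin, never a chosen one
  sent.host = new URL(targetUrl).host;   // derived from the URL, not from the caller
  return sent;
}

// A non-browser client sends exactly the headers it was told to send.
function rawClientHeaders(requestedHeaders) {
  const sent = {};
  for (const [name, value] of Object.entries(requestedHeaders)) sent[name.toLowerCase()] = value;
  return sent;
}

// Assumed server-side gate: only requests claiming the server's own origin run.
function serverAccepts(headers, serverOrigin) {
  return headers.origin === serverOrigin;
}

const SERVER = 'http://127.0.0.1:41416';
// The header set from the thread's curl and fetch() examples.
const spoofed = {
  Origin: SERVER,
  Host: '127.0.0.1:41416',
  'Content-Type': 'application/x-www-form-urlencoded',
};

// A script on some other website: the browser overwrites Origin, so it is refused.
function fromWebPage(pageOrigin) {
  return serverAccepts(browserFetchHeaders(pageOrigin, spoofed, SERVER + '/run/'), SERVER);
}
// A process on the machine itself: headers arrive as written, so it is accepted.
function fromLocalProcess() {
  return serverAccepts(rawClientHeaders(spoofed), SERVER);
}
```

The model shows the boundary the reply draws: an Origin check keeps arbitrary web pages out, so the remaining exposure is to processes already running locally.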