rayhanadev / edge

Extremely simple Express.js filehost built for hosting on Replit!
https://edge.furret.codes

Security #1

Closed ghost closed 2 years ago

ghost commented 3 years ago

https://edge.rayhanadev.repl.co/dashboard Seriously, that's not hard. Like, for example, I could upload a 1GB file which would render the service useless. Never mind RECALL ATTACKS, seriously just have a program listen for the headers on a device, send it to the owner of that program. Great, they can use that auth token and login ;)

rayhanadev commented 3 years ago

That wasn't the point. Send a file, please. Replit Auth proxy is not that easy to attack but by all means try.

rayhanadev commented 3 years ago

Also it is meant to be a personal service i.e. the common sense behind not uploading 1GB xD.

ghost commented 3 years ago

@RayhanADev I just described the process. It would be pretty hard for me to pull off.

ghost commented 3 years ago

Also I had reported that replit.com at 8:00 00:00 GMT+ crashed https://status.replit.com/

ghost commented 2 years ago

@rayhanadev let's not talk about the recent Linux RCE for Bluetooth lmao. One way to get code on there. Another is the pkexec package which is part of polkit.

Polkit is a required dependency of all desktop environments.

Then again, wouldn't a keylogger be better than looking at headers?

rayhanadev commented 2 years ago

Would you be willing to open a PR with a better security fix? :)

ghost commented 2 years ago

ok, hold on...

May I request permission to pentest and report anything a bit... wrong? Currently that is a concept but I'll try a few other things.

BTW, I upload 1GB files to my drive lol. ISO images.

ghost commented 2 years ago

Just did something (URL traversal); nice to see that you took the ../../.. into account and did not accidentally leave that in at all.

ghost commented 2 years ago

Hold on. What if we were to like. Compete to innovate. E.g. I make my own and we compare? I mean like it could turn into an open-source project(s) but after, we can compare projects. TBH, I'd think this would be really fun to do.

rayhanadev commented 2 years ago

> ok, hold on...
>
> May I request permission to pentest and report anything a bit... wrong? Currently that is a concept but I'll try a few other things.
>
> BTW, I upload 1GB files to my drive lol. ISO images.

I would request anything that isn't majorly damaging and DM me on Discord (I'm in the Replit server) with whatever you choose to do :)

rayhanadev commented 2 years ago

> Just did something (URL traversal); nice to see that you took the ../../.. into account and did not accidentally leave that in at all.

The obvious attack vectors were covered ;)

rayhanadev commented 2 years ago

> Hold on. What if we were to like. Compete to innovate. E.g. I make my own and we compare? I mean like it could turn into an open-source project(s) but after, we can compare projects. TBH, I'd think this would be really fun to do.

By all means! I really only did this as an 'extremely simple' filehost for the template jam but I think it would be a great challenge, I could certainly learn a thing or two from you :D.

ghost commented 2 years ago

@rayhanadev Ok. Challenge accepted. For a fair competition:

^ Just to lay down some rules for an equal chance on your behalf.

ghost commented 2 years ago

@rayhanadev baah, since I am unable to turn off Copilot due to a slow computer, I'll allow its use. (It is a VS Code extension btw.)

ghost commented 2 years ago

Got github auth to work.

ghost commented 2 years ago

Literally 2 hours in.

https://user-images.githubusercontent.com/80392427/171154985-d9fe3619-bd2d-41ce-a22c-513c40251b78.mp4

ghost commented 2 years ago

@rayhanadev BTW, this is causing me to create an absolutely awesome CSS design language; I think this was not a bad choice as it furthers me in the progress of Mutter - the fully actually to be fully fleshed out chatting app.

ghost commented 2 years ago

Hah, I am actually making the site fully mobile responsive using @media CSS queries and flexbox. About time I ACTUALLY started doing that lmao.

ghost commented 2 years ago

ah yes, apparently I count as more than 1 person. I keep writing "We".

rayhanadev commented 2 years ago

I'm so sorry I took an Internet hiatus like a week ago 😓.

ghost commented 2 years ago

@rayhanadev naah, don't worry; I have opted to remove the time since I overworked myself too hard due to said time limit. Don't want you to do the same.

rayhanadev commented 2 years ago

Thank you! I'll start working on one myself as well :)