XBox One Directory Traversal and Information Exposure

IoT 10个月前 admin
153 0 0

Xbox One OS Version 10.0.18363.8119 (19h1_release_xbox_dev_1911.191119-1135) has Directory Traversal and Information Leakage vulnerabilities

Note from 2023

This vulnerability was found late 2019 while working on some protocol vulnerabilities like CallStranger on my old XBox one. I’ve sent early report to Microsoft and went on a work trip. When I came back to research I saw File Explorer application was removed from XBox One https://www.reddit.com/r/xboxone/comments/ebrrf1/working_alternatives_to_xbox_file_explorer/ https://twitter.com/xboxinsider/status/1202357755140546560 and report was not accepted with an attached tag ‘non-reproducable’ . I stopped working on XBox One after this ridiculous reply by MS Security team.

Directory Traversal (CWE-22 Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) )

When we open File Explorer application on Xbox One, we see 8 empty folders : XBox One Directory Traversal and Information Exposure

As soon as we write .. in Search area in File Explorer applications, we can access some folders we didn’t see before XBox One Directory Traversal and Information Exposure

We can browse into these folders:

XBox One Directory Traversal and Information Exposure XBox One Directory Traversal and Information Exposure

Information Exposure (CWE-200 Information Exposure )

We can copy this Edge backup folders to external USB drive and analyze on computer. They are standart edb files and some log files.

EDB Files

We can analyze EDB files with ESEDatabaseView https://www.nirsoft.net/utils/ese_database_view.html application easily. XBox One Directory Traversal and Information Exposure

Log Files

When we analyzed log files, we saw internal directory structure of Edge for Xbox One XBox One Directory Traversal and Information Exposure

原文始发于Github:XBox One Directory Traversal and Information Exposure

版权声明:admin 发表于 2023年8月6日 下午11:03。
转载请注明:XBox One Directory Traversal and Information Exposure | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...