Crossdomain.xml vulnerabilities

Question

<cross-domain-policy>
 <allow-access-from domain="*" secure="false"/>
 <site-control permitted-cross-domain-policies="master-only"/>
</cross-domain-policy>

I would like to ask two questions:

Is this crossdomain.xml vulnerable (the file is placed on the root of the host e.g. www.example.com/crossdomain.xml)?
How I can exploit or test similar files?

I'm sure you've seen this because it's from a quick google but http://sethsec.blogspot.com/2014/03/exploiting-misconfigured-crossdomainxml.html looks like the most comprehensive resource for exploiting this type of vulnerability. — Justin Moore, Aug 19 '15 at 21:20

score 7 · Accepted Answer · answered Aug 19 '15 at 22:45

7

This crossdomain.xml policy file revokes all protection that the Same Origin Policy provides.

I use the crossdomain proof of concept tool, which has a simple interface to test SOP bypasses.

answered Aug 19 '15 at 22:45

rook

46,916
10
92
181

Thanks. So this particular file is vulnerable right? – Michal Koczwara Aug 19 '15 at 23:17
1

@Michal Koczwara Without a shadow of a doubt. 100% textbook issue right here, all sources will confirm that the SOP has been intentionally disabled. It really doesn't get clearer than this. – rook Aug 19 '15 at 23:19
So basically an attacker can send requests to the target from any random domains here: but not sure what is this ? – Michal Koczwara Aug 19 '15 at 23:28
`` is allow from all. – Shritam Bhowmick Aug 31 '15 at 03:25

Crossdomain.xml vulnerabilities

1 Answers1

Linked