rdesarz / rust-http-server
A simple http server built with Rust
License: MIT License
Hello! I have been interested in running a simple web server for a small project and I have decided to use this time to learn Rust! In my search for understanding web server hosting with Rust I came across your repo and was interested in what it offered.
Your program so far has been quite wonderful, I can say, but, of course, I would not be writing you an issue if I found it was perfect.
I come from a hacking background and always try to find vulnerabilities in software I write and in things I use. I am, of course, a white hat and do not use this information for malicious purposes and instead report it to the appropriate person(s).
I understand that this software is not a big-name library for web hosting solutions in Rust, but I do think I have an offer for you to learn yourself smart and improve your skills just a little more!
This is where I begin to describe the attack and what I have found:
The way that this web server hosts its content via calling it in the URL (i.e. localhost:8080/hello.html) is fundamentally flawed.
My first instinct was to try asking for /.., which did not do anything; however, this is because I ran this on a Windows machine, which is obviously not Linux. Thinking into this, I started going for Windows syntax like C:\ and luckily there is not a system in place that offers a page that gives you directory contents, but if you know what you are looking for you can still access everything in the system with a valid URL to it. I tried accessing files with spaces but that seems to not work, so they may be safe, but otherwise any other file can be accessed.
I would put money on it that if this system were run on a Linux machine and someone had improperly managed permissions, the /etc/passwd or /etc/shadow file could be displayed for all to see if asked nicely from this Rust server.
TL;DR bad stuff
I think ultimately from this, it does not matter. Technically speaking this should not be used by anyone in a production manner but not everyone has the forethought to say "Hey! This might not be secured! I shouldn't assume the person who wrote this thought everything through and bug tested! This is not production level material!" I would say that it would be a good opportunity for the author to maybe implement security into their software and learn something about it. Otherwise this is just me putting it out there that this software is not safe to use at all.
and furthermore THANK YOU for giving me a half hour of fun bug testing and getting back into my roots :)!
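The fix for the traversal described in this issue is to never let the request path decide which directory is read. The following is an added example, not code from the rust-http-server repository: a lexical check (assumed names `resolve_under_root` and `percent_decode`) that maps a request path onto a file under a fixed document root and rejects `..`, percent-encoded `..`, Windows drive prefixes and backslash separators regardless of the host OS.

```rust
use std::path::{Path, PathBuf};

/// Map a request path such as "/hello.html" onto a file under `root`, or return
/// None when the path would escape the document root. Only plain name segments
/// are accepted, so "..", drive prefixes ("C:\\...") and backslashes are refused
/// even on Linux, where '\\' and ':' are ordinary file-name characters.
/// Production code should additionally canonicalize the opened file and verify
/// that it still starts_with(root), which catches symlinks this check cannot see.
pub fn resolve_under_root(root: &Path, request_path: &str) -> Option<PathBuf> {
    // Drop any query string; it is never part of the file name.
    let path = request_path.split('?').next().unwrap_or("");
    // Decode first so "%2e%2e" cannot smuggle a ".." segment past the check.
    let decoded = percent_decode(path)?;
    let mut out = root.to_path_buf();
    for segment in decoded.split('/') {
        match segment {
            "" | "." => continue,                       // "//" and "./" are harmless
            ".." => return None,                        // parent-directory traversal
            s if s.contains(|c| c == '\\' || c == ':' || c == '\0') => return None,
            s => out.push(s),
        }
    }
    // A bare "/" means the root itself: serve a fixed index, never a listing.
    if out == root {
        out.push("index.html");
    }
    Some(out)
}

/// Minimal %XX decoder; returns None on a truncated or non-hex escape.
fn percent_decode(s: &str) -> Option<String> {
    let bytes = s.as_bytes();
    let mut out = Vec::with_capacity(bytes.len());
    let mut i = 0;
    while i < bytes.len() {
        if bytes[i] == b'%' {
            let hex = s.get(i + 1..i + 3)?;
            out.push(u8::from_str_radix(hex, 16).ok()?);
            i += 3;
        } else {
            out.push(bytes[i]);
            i += 1;
        }
    }
    String::from_utf8(out).ok()
}
```

A rejected path should be answered with 404 (or 400) rather than an error body that echoes the requested name.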