Video conversion bug and security risks.

theadmiralgeek posted 11th of February 2008 in Community Voice. 4 comments.
When uploading a video.

Uploaded a video that is 4 MB's. then I checked my server , and surprisingly enough the file size of that original uploaded file has multiplied by four times, the now 4MB file is 23MB's. AND the converted MPEG of the original file is quite large as well (this can be expected because of the codec that is used to convert it) which is MPEG based.

But deleting the original file automatically deletes the MPEG, but deleting the MPEG of the original file does not (this  deletion is server side and not client side, because client side the PHP code deletes the original file which in turns deletes the MPEG)

This needs to be sorted, because there is no need to have the original file left there. Only the converted MPEG video.
And also, if would be far more effective if you used FLV codecs in the conversion process, this will save a great deal of space when converting and will also proove positive for people who have low disk space of dedicated servers.

Also, when applying new membership permissions to the Video(play video) and music(play music) the given actions have no effect

Also, when setting up membership level with any actions to the music(uploading) and video(uploading) they have no effect either.

also when someone makes a recording for their profile video and when they have it recorded and have it saved they can not download it, a error comes up saying that the directory can not be found (this happens when RMS feed is active)


#####Security Risks######

Also the following is a security risk that i did in order to test the security of your software. Especially when there was a EXE on board

I joined a Trojan (backdoor ADW) with a AVI and successfully uploaded it, ran the trojan manager and i got root access to the servers host. This was tested on my server WITHOUT THE RMS FEED. Will not be done through the RMS feed. With this i got access to certain Paypal details that i had set up. And alot of other security details.

A Response has been submitted to ethicalhacker.net and should be followed up on your side. And because the software is not fully protected by copyright laws, the 6 months software developers response can be waived.
There is no sign of PHP checking for double extension files.

also the media directories when streaming can be viewed by tamper data on firefox and in turn the media files can be downloaded. This violates the privacy terms for hosting media.



 
Comments
·Oldest
·Top
Please login to post a comment.
ESASE
Hi, can you show me your .avi file with trojan. I want to test it.
theadmiralgeek
absolutely not.
It's not within my ethics to do so, Sorry.

The security risk is for the attention of the Boonex Development.
Handing out the file/s would only put other Dolphin community's at risk.
VictorT
Thanks for the report and information.

But I believe we will need more technial details about the security issue and it's performance.

Can you PM me them?
nuccca
Yes @theadmiralgeek, thanks for being not only ethical, but completly honest.

@esase - giving out that file would spread like wildfire and could get into the wrong hands and deem Dolphin unsuitable for Hosting, nobody would wanna host Dolphin sites with that much of a security risk.
 
 
Below is the legacy version of the Boonex site, maintained for Dolphin.Pro 7.x support.
The new Dolphin solution is powered by UNA Community Management System.
PET:0.12233805656433