Obscure jQuery File Coding Glitch That Existed For 8 Years!
Out of the most well-known plugins of the jQuery framework, reportedly, one has subsisted for more than a couple of years in the oversight code which exposed methods of exploitation.
The jQuery file widget gets affected to a hazardous extent and uploading random files and command shells gets all the easier for cyber-cons. The flaw was unveiled by a researcher of a genuine organization while studying the widget’s code. He could also send commands and run them on the test server he had constructed.
The aforementioned researcher worked with the developer of the plugin and brought in the open the fact that the glitch was triggered by an altercation in the Apache 2.3.9 which by default switched the .htaccess files off, lest not switched on by the user. The main function of these files was to collect and keep safe the security settings of a folder. The plugins that depended on the usage of .htaccess files to restrict access were rendered useless, after the introduction of Apache 2.3.9 and same was the case with jQuery File Upload.
Supposedly, this was done firstly, to heighten the performance and secondly to safeguard the system’s configuration of the administrator by averting the users from altering the default system settings.
The coding glitch doesn’t exist anymore in the fresh version of jQuery File Upload. The code was altered so that only file types like JPG, JPEG, PNG, and GIF could be acknowledged by default. The venture caught fame pretty fast and hundreds of copies of it had the flawed code in it. Around 8000 modified versions of it exist in the market today, according to sources. In fact, in cases when the original code was altered in order to accommodate a user’s need the vulnerability got highlighted.
In the variations of the original code, the researcher uncovered three common ones and generated an exploit that worked on finding differences and uploaded a PHP shell.
The release of Apache 2.3.9 was in 2010, and ever since then the vulnerability in the jQuery File Upload has existed for around 8 years and was next to unnoticed for all these years. The exploitation techniques have been out via hacker forums for at least 3 years.