Multiple Vulnerabilities in Smartphone Pentest Framework (SPF)
|Product:||Smartphone Pentest Framework (SPF)|
|Vendor:||Bulb Security LLC|
|Vulnerable Versions:||0.1.2 and probably prior|
|Advisory Publication:||October 24, 2012 [without technical details]|
|Vendor Notification:||October 24, 2012|
|Vendor Fix:||November 15, 2012|
|Public Disclosure:||November 14, 2012|
|Latest Update:||November 15, 2012|
|Vulnerability Type:||OS Command Injection [CWE-78]; SQL Injection [CWE-89]; Cross-Site Request Forgery [CWE-352]; Information Exposure [CWE-200]; Incorrect Default Permissions [CWE-276]|
|CVSSv2 Base Scores:||8.3 (AV:A/AC:L/Au:N/C:C/I:C/A:C)|
|Solution Status:||Fixed by Vendor|
|Discovered and Provided:||High-Tech Bridge Security Research Lab|
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in the web-based GUI of Smartphone Pentest Framework (SPF), which could be exploited to gain control of a pentester's machine. The research was inspired by the vulnerability found by Jon Passki.
Vendor reply (October 24, 2012):
"I'm taking the GUI out of the project entirely for the time being so that will be the short-term patch. DARPA wanted there to be a GUI but obviously having a web-based GUI was a terrible idea. Feel free to release whatever you want about it, everybody else does."
Vendor reply (November 8, 2012):
"The product in question doesn't even exist anymore. So I don't know what you want me to say about it being patched. It was just a proof of concept. Not a product at all. And since clearly it wasn't good enough for primetime I removed it from GitHub. Say whatever you want about it."
Vendor solution (November 15, 2012):
According to the vendor, all the vulnerabilities are patched in version 0.1.3: https://github.com/georgiaw/Smartphone-Pentest-Framework
High-Tech Bridge Advisory HTB23123 - https://www.htbridge.com/advisory/HTB23123 - Multiple Vulnerabilities in Smartphone Pentest Framework (SPF).
Smartphone Pentest Framework (SPF) - http://www.bulbsecurity.com/smartphone-pentest-framework/ - Smartphone Pentest Framework is an open source security tool, designed to aid in assessing the security posture of smartphones in an environment.
Common Vulnerabilities and Exposures (CVE) - http://cve.mitre.org/ - international in scope and free for public use, CVE® is a dictionary of publicly known information security vulnerabilities and exposures.
Common Weakness Enumeration (CWE) - http://cwe.mitre.org - targeted to developers and security practitioners, CWE is a formal list of software weakness types.
Please feel free to send us any additional information related to this Advisory, such as vulnerable versions, additional exploitation details and conditions, patches and other relevant details.