From 17905cc485624530e946c3454ec925a8f20c2615 Mon Sep 17 00:00:00 2001
From: Jerry
Date: Sat, 20 Nov 2021 23:04:37 +0800
Subject: [PATCH] fix whois command injection vulnerability
---
 extensions.conf | 32 ++++++++++----------------------
 1 file changed, 10 insertions(+), 22 deletions(-)
diff --git a/extensions.conf b/extensions.conf
index cfd621e..7703c2c 100644
--- a/extensions.conf
+++ b/extensions.conf
@@ -4,9 +4,6 @@ writeprotect=no
 clearglobalvars=no
 [extdn42whois]
-;exten => i,1,NoOp()
-;exten => t,1,Goto(s,1)
-
 exten => _X.,5,Set(CALLNUM=${EXTEN})
 same => n,Goto(s,1)
@@ -17,24 +14,23 @@ exten => s,1,Playback(silence/1)
 same => n,GotoIf($["${USERINPUT}" = ""]?extmymenu,${CALLNUM},5:whois,1)
 exten => whois,1,Set(SESSIONUNID=${RAND(0,100000)})
- same => n,TrySystem(/var/lib/asterisk/scripts/jerry/whois.py ${USERINPUT} ${SESSIONUNID})
+ same => n,TrySystem(/var/lib/asterisk/scripts/jerry/whois.py "${USERINPUT}" "${SESSIONUNID}")
 same => n,Playback(/var/tmp/ast-dynamic/${SESSIONUNID})
 same => n,GotoIf($["${PLAYBACKSTATUS}" = "SUCCESS"]?whois,whoisend:)
 same => n,Playback(im-sorry&something-terribly-wrong)
 same => n(whoisend),Goto(s,1)
 [extmymenu]
-exten => i,1,Playback(silence/1&goodbye)
- same => n,Hangup()
-
 exten => _X.,5,Set(CALLNUM=${EXTEN})
 same => n,Goto(s,1)
 exten => s,1,Wait(1)
-;same => n(loop),Background(vm-press&letters/a&number)
 same => n(loop),Background(jerry-intro)
 same => n,WaitExten(15)
+exten => i,1,Playback(silence/1&goodbye)
+ same => n,Hangup()
+
 exten => t,1,Goto(s,loop)
 exten => _X,1,NoOp()
@@ -60,12 +56,10 @@ exten => 3,100,NoOp()
 exten => 4,100,NoOp()
 same => n,Read(TMPNOM,z-external,1,,1,0.1)
-;same => n,Playback(z-external)
 same => n,Goto(menuend,1)
 exten => 5,100,NoOp()
 same => n,Read(TMPNOM,z-macroform-cold_day,1,,1,0.1)
-;same => n,Playback(z-macroform-cold_day)
 same => n,Goto(menuend,1)
 exten => _X,100,NoOp()
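Review bot: Wrapping `${USERINPUT}` in double quotes on the new TrySystem line in the second hunk narrows but does not close the injection, because TrySystem hands the whole string to `/bin/sh -c`, where a double-quoted argument still undergoes `$`, backtick and backslash processing and a literal `"` in the input terminates the quoting. The robust fix is to restrict the value to the characters whois.py actually needs before the call, e.g. `same => n,Set(USERINPUT=${FILTER(0-9,${USERINPUT})})` inserted ahead of the TrySystem line (widen the set only if letters or dots are legitimately required), or to avoid the shell entirely by invoking the script through `AGI()`, which passes its arguments as argv rather than a command string. The Read() that populates USERINPUT lies between the first and second hunks, so the diff does not show whether it already limits input to DTMF digits; even if it does, the filter makes that assumption explicit and survives later changes to the prompt. `${SESSIONUNID}` comes from RAND(0,100000) and is safe to quote, although its use as the file name under /var/tmp/ast-dynamic means two concurrent callers can draw the same id and play back each other's result.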
@@ -79,7 +73,7 @@ exten => menuend,1,NoOp()
 exten => i,1,NoOp()
 exten => chanunavail,1,Playback(im-sorry&number-not-answering&please-try-call-later)
-exten => chanunavail,2,Hangup()
+ same => n,Hangup()
 exten => 424036180001,5,Dial(PJSIP/REDACTED,300,m)
 exten => 424036180002,5,Dial(PJSIP/REDACTED,300,m)
@@ -89,10 +83,8 @@ exten => 424036180005,5,Dial(PJSIP/REDACTED,300,m)
 exten => _X.,6,GotoIf($["${DIALSTATUS}" = "CHANUNAVAIL"]?chanunavail,1:)
 exten => 424036180000,5,Goto(extmymenu,${EXTEN},5)
 exten => 424036183618,5,Playback(silence/1&your&number&is)
- same => 6,SayAlpha(${CALLERID(num)})
- same => 7,Playback(silence/1)
-;same => 8,SayAlpha(${CALLERID(name)})
-;same => 9,Playback(silence/1)
+ same => n,SayAlpha(${CALLERID(num)})
+ same => n,Playback(silence/1)
 exten => 424036184242,5,Goto(extdn42whois,${EXTEN},5)
 exten => _42403618XXXX,5,Playback(im-sorry&check-number-dial-again)
@@ -102,7 +94,6 @@ exten => _42403618XXXX,5,Answer()
 exten => _42401332XXXX,5,NoOp()
 same => n,Dial(PJSIP/${EXTEN}@nia)
-;same => n,Dial(PJSIP/${EXTEN:-4}@nia)
 exten => _42403315XXXX,5,NoOp()
 same => n,Dial(PJSIP/${EXTEN}@zane)
@@ -117,11 +108,8 @@ exten => _42400119XXXX,5,NoOp()
 same => n,Dial(PJSIP/${EXTEN}@jrb0001)
 [jerry]
-;exten => _X.,1,Set(CHANNEL(musicclass)=custom)
+exten => _XXXX,1,Goto(42403618${EXTEN},1)
+exten => _XXXXXXXX,1,Goto(4240${EXTEN},1)
 exten => _X.,1,NoOp()
-exten => _XXXX,2,Goto(42403618${EXTEN},1)
-exten => _XXXXXXXX,2,Goto(4240${EXTEN},1)
-exten => _X.,2,NoOp()
-
-exten => _X.,3,Goto(extpeers,${EXTEN},5)
+exten => _X.,2,Goto(extpeers,${EXTEN},5)