AOH :: HP Unsorted W :: TB12505.HTM

WinSCP < 4.04 url protocol handler flaw



WinSCP < 4.04 url protocol handler flaw
WinSCP < 4.04 url protocol handler flaw



-Affected products: WinSCP 4.03 and older

-Details:
By default WinSCP installs url protocol handlers for the scp:// and sftp:// protocols. 
These could be used by malicious web content to automatically upload any file from the local system to a remote server, or automatically  download files from a remote server to the local system.

Since version 3.8.2 there is a sort of protection against this, but this does not stop all forms of attack.

-PoC:
On a machine you control set up an scp-only account with the username "scp" with any password.
Place this on a website: