
Baidu Passport Content-Security-Policy Bypass Scanner

This scanner detects the use of Baidu Passport in digital assets. It identifies a Content-Security-Policy bypass vulnerability that could allow Cross-Site Scripting (XSS) attacks and compromise user data.

Short Info

Level: Medium
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 19 days 17 hours
Scan only one: URL

Toolbox

Baidu Passport is widely used as an authentication service by websites and applications to facilitate user logins via the Baidu platform. Organizations and individuals often integrate Baidu Passport to streamline access and simplify user management. Baidu Passport allows users to log in using a single Baidu account across different services, enhancing user experience. It provides an efficient authentication method, ensuring secure access to services. Many digital services in China and other regions rely on Baidu Passport for user verification. Its broad adoption is attributed to ease of use and trust in the Baidu brand's security measures.

The Content-Security-Policy bypass vulnerability in Baidu Passport allows malicious actors to potentially execute Cross-Site Scripting (XSS) attacks. By injecting scripts into trusted sites, attackers can manipulate user sessions or retrieve sensitive data. The vulnerability lies in the improper implementation of the Content-Security-Policy, failing to restrict harmful scripts adequately. This oversight enables the execution of scripts that can perform unauthorized actions on behalf of the user. Successful exploitation could lead to unauthorized access to user data and disruption of services. Addressing this vulnerability is crucial to maintaining a secure web environment and protecting user information.

The attack vector for this vulnerability involves preparing a crafted script that targets specific endpoints vulnerable to script injections in Baidu Passport. By exploiting these endpoints, an attacker can inject scripts that bypass existing Content-Security-Policy checks. The vulnerable parameter typically includes parts of the URL or HTTP headers where scripts can be injected. Attackers often encode their payloads to bypass detection and execution restrictions. Once executed, these scripts can interact with the webpage, capture session data, or redirect users to malicious sites. Identifying and patching these technical vulnerabilities is critical for ensuring user safety.

Exploitation of this vulnerability can have severe consequences, including unauthorized data access, session hijacking, and potential identity theft. When attackers successfully execute XSS attacks, they can steal user cookies, gaining access to personal information and credentials. These attacks can also result in defacement of websites, leading to reputational damage for the affected organization. Furthermore, compromised user accounts can be leveraged for further attacks, spreading malware or phishing schemes. Organizations facing such vulnerabilities must act swiftly to prevent breaches and protect their users' privacy and security.
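
For asset owners, one way to check whether a site's own Content-Security-Policy trusts a Baidu Passport host as a script source. This is an added example, not the scanner's code; the hostname `passport.baidu.com` and the sample policies are assumptions constructed for illustration.

```python
# Assumption: hostname of the Baidu Passport service; the page does not name it.
WATCHED_HOST = "passport.baidu.com"

def parse_csp(header):
    """Split a CSP header value into {directive: [source expressions]}."""
    policy = {}
    for part in header.split(";"):
        tokens = part.split()
        if tokens and tokens[0].lower() not in policy:  # first occurrence wins
            policy[tokens[0].lower()] = tokens[1:]
    return policy

def source_allows(source, host):
    """True if one source expression permits https script loads from `host`."""
    src = source.lower()
    if src.startswith("'"):                  # keywords, nonces, hashes
        return False
    if src in ("*", "https:", "http:"):      # any host (http: also matches https)
        return True
    if src.endswith(":"):                    # other scheme-sources (data:, blob:)
        return False
    if "://" in src:
        scheme, src = src.split("://", 1)
        if scheme not in ("http", "https"):
            return False
    # Path and port are ignored, so path-restricted entries are still reported.
    hostpart = src.split("/", 1)[0].split(":", 1)[0]
    if hostpart.startswith("*."):            # *.example.com covers subdomains only
        return host.endswith(hostpart[1:])
    return hostpart == host

def audit(header, host=WATCHED_HOST):
    """Return (directive, source) pairs through which scripts from `host` may load."""
    policy = parse_csp(header)
    for name in ("script-src-elem", "script-src", "default-src"):
        if name in policy:                   # most specific directive governs
            return [(name, s) for s in policy[name] if source_allows(s, host)]
    return [("(none)", "no script directive")]  # scripts are unrestricted

# Constructed sample policies, not taken from any real site.
SAMPLES = {
    "explicit": "default-src 'self'; script-src 'self' https://passport.baidu.com",
    "wildcard": "script-src 'self' *.baidu.com; object-src 'none'",
    "strict": "default-src 'none'; script-src 'nonce-r4nd0m'",
    "fallback": "default-src 'self' https:",
}

if __name__ == "__main__":
    for label, header in SAMPLES.items():
        print(label, audit(header))
```

Browsers ignore host entries when a policy uses `'strict-dynamic'`, which this check does not model, so review such policies by hand.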

