Posts

Showing posts from 2017

Add Credit Card to Any Uber Account Through eats.uber.com (CSRF)

Hi All,

Company Info :
Uber Technologies Inc. is an American technology company headquartered in San Francisco, California, United States, operating in 633 cities worldwide. It develops, markets and operates the Uber car transportation and food delivery mobile apps. Uber drivers use their own cars, although drivers can rent a car to drive with Uber.

Bug Category and reference links :
Cross-Site Request Forgery (CSRF)
Link: https://www.owasp.org/index.php/Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF)

Technical Details of the Bug :
CSRF takes advantage of the fact that most web apps let an attacker predict every detail of a particular state-changing action (URL, method, parameter names and values). Because browsers attach credentials such as session cookies to every request sent to a site automatically, an attacker can build a malicious web page that issues forged requests which the server cannot distinguish from legitimate ones, unless the request also carries something the attacker cannot predict or read, such as an anti-CSRF token. CSRF flaws are fairly easy to detect through penetration testing (replay the request from another origin with the token removed) or code analysis.


Bug Description : 
It was last September 2016 when eats.uber.com came in sco…

UnAuth Access to Twitter Private Tweets and Messages Media Content (IDOR)

Hi All,

Company Info :
Twitter is an online news and social networking service where users post and interact with messages, "tweets", restricted to 140 characters. Registered users can post tweets, but those who are unregistered can only read them. Users access Twitter through its website interface, SMS or a mobile device app. Twitter Inc. is based in San Francisco, California, United States, and has more than 25 offices around the world.


Bug category :
Insecure Direct Object Reference (IDOR)
Link: https://www.owasp.org/index.php/Top_10_2013-A4-Insecure_Direct_Object_References


Technical Details of the Bug : 
Applications frequently use the actual name or key of an object (a database id, a file name, a media id) when generating web pages, and they do not always verify that the requesting user is authorized for the target object. The result is an insecure direct object reference flaw: whoever can guess or enumerate the key can read or modify the object. A tester can detect such flaws simply by changing a parameter value to a neighbouring id while logged in as a different user, or not logged in at all, and checking whether the server still returns the object. Code analysis quickly shows whether authorization is verified on each access.
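The flaw and the check described above, as an added example that is not code from the original post or from Twitter: a toy media store keyed by a direct numeric id, a handler that serves any id to anyone who knows it, a hardened handler that checks the viewer against the owner's audience (public tweet, protected tweet, direct message), and the tester's probe that walks adjacent ids. The user names, media ids, audiences and follower relation are all constructed for the demo.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Media:
    media_id: int
    owner: str
    audience: str          # "public" | "followers" (protected account) | "dm"
    recipients: frozenset  # DM participants; empty unless audience == "dm"
    content: bytes


# Constructed sample data: bob follows alice, mallory follows nobody.
FOLLOWERS = {"alice": {"bob"}}
MEDIA = {
    1001: Media(1001, "alice", "public", frozenset(), b"public photo"),
    1002: Media(1002, "alice", "followers", frozenset(), b"protected-account photo"),
    1003: Media(1003, "alice", "dm", frozenset({"alice", "bob"}), b"dm attachment"),
}


class NotFound(Exception):
    pass


def vulnerable_get_media(user, media_id):
    """IDOR: the id in the request is looked up directly and served to whoever asked,
    logged in or not, with no check against the object's owner or audience."""
    m = MEDIA.get(media_id)
    if m is None:
        raise NotFound
    return m.content


def can_view(user, m):
    """Authorization rule for the toy data model (an assumption for this demo)."""
    if m.audience == "public":
        return True
    if user is None:
        return False
    if user == m.owner:
        return True
    if m.audience == "followers":
        return user in FOLLOWERS.get(m.owner, set())
    if m.audience == "dm":
        return user in m.recipients
    return False


def authorized_get_media(user, media_id):
    """Same lookup, but the object is released only if the caller is allowed to see it.
    Missing and unauthorized ids get the same answer, so the endpoint does not confirm
    which ids exist."""
    m = MEDIA.get(media_id)
    if m is None or not can_view(user, m):
        raise NotFound
    return m.content


def probe(handler, user, id_range):
    """The tester's check: request a range of adjacent ids as a given user and
    record which ones the handler hands back."""
    readable = []
    for media_id in id_range:
        try:
            handler(user, media_id)
            readable.append(media_id)
        except NotFound:
            pass
    return readable


if __name__ == "__main__":
    ids = range(1000, 1005)
    for who in (None, "mallory", "bob"):
        print(who, "vulnerable:", probe(vulnerable_get_media, who, ids),
              "authorized:", probe(authorized_get_media, who, ids))
```

A diff in the two `probe` results for an anonymous or unrelated user is exactly the signal a pentester looks for: the vulnerable handler returns the protected photo and the DM attachment to anyone who can count, the authorized one returns only the public item.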


Bug Descriptio…

Account Takeover of All Souq.com Users by Adding a New Email (CSRF)

Hi All,

Company Info :
Souq.com is an English-Arabic language e-commerce platform, often described as the Amazon of the Middle East. It is the largest e-commerce platform in the Arab world. On March 28, 2017, Amazon.com Inc. confirmed it would be acquiring Souq.com for $580 million.

Bug Category and reference links :
Cross-Site Request Forgery (CSRF)
Link: https://www.owasp.org/index.php/Top_10_2013-A8-Cross-Site_Request_Forgery_(CSRF)

Technical Details of the Bug :
CSRF takes advantage of the fact that most web apps let an attacker predict every detail of a particular state-changing action (URL, method, parameter names and values). Because browsers attach credentials such as session cookies to every request sent to a site automatically, an attacker can build a malicious web page that issues forged requests which the server cannot distinguish from legitimate ones, unless the request also carries something the attacker cannot predict or read, such as an anti-CSRF token. An action like "add a new email address to the account" is the worst case, because the attacker-controlled address can then be used to reset the password. CSRF flaws are fairly easy to detect through penetration testing (replay the request from another origin with the token removed) or code analysis.
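The mechanism above (and the identical description in the Uber post earlier on this page), as an added example that is not code from the original post or from Uber or Souq.com: a toy account service with an "add email" action, a browser model that does the one thing CSRF relies on (attach the site's cookies to any request aimed at that site, whichever page caused it), an attacker page that auto-submits a form, and the same handler in a vulnerable form and a hardened form with a per-session synchronizer token plus an Origin check. The origins, endpoint path, cookie name and parameter names are assumptions for the demo.

```python
import hmac
import re
import secrets
from dataclasses import dataclass

SITE = "https://app.example"        # assumed victim origin
ATTACKER = "https://evil.example"   # assumed attacker origin


@dataclass
class Request:
    cookies: dict
    form: dict
    headers: dict


class Server:
    """Toy account service whose 'add email' action is the kind of state change CSRF targets."""

    def __init__(self):
        self.sessions = {}  # session cookie value -> per-user state

    def login(self, user):
        sid = secrets.token_hex(16)
        self.sessions[sid] = {"user": user, "emails": [], "csrf": secrets.token_hex(16)}
        return sid

    def csrf_token(self, sid):
        """Token the site embeds in its own forms; only same-origin pages can read it."""
        return self.sessions[sid]["csrf"]

    def vulnerable_add_email(self, req):
        """Authenticates by session cookie alone, so a forged request looks exactly like a real one."""
        sess = self.sessions.get(req.cookies.get("session"))
        if sess is None:
            return 401
        sess["emails"].append(req.form["email"])
        return 200

    def hardened_add_email(self, req):
        """Same action, but demands a value the attacker can neither read nor forge:
        the per-session token (compared in constant time) and a same-origin Origin header."""
        sess = self.sessions.get(req.cookies.get("session"))
        if sess is None:
            return 401
        if req.headers.get("Origin") != SITE:
            return 403
        if not hmac.compare_digest(req.form.get("csrf_token", ""), sess["csrf"]):
            return 403
        sess["emails"].append(req.form["email"])
        return 200


class Browser:
    """Models the behaviour CSRF abuses: cookies stored for a site ride along on every
    request to that site, no matter which page submitted it."""

    def __init__(self):
        self.jar = {}  # site -> {cookie name: value}

    def set_cookie(self, site, name, value):
        self.jar.setdefault(site, {})[name] = value

    def submit_form(self, page_origin, target_site, fields):
        return Request(cookies=dict(self.jar.get(target_site, {})),
                       form=fields,
                       headers={"Origin": page_origin})


def hidden_fields(html):
    """Toy extraction of name/value pairs from hidden inputs in an HTML form."""
    return dict(re.findall(r'<input type="hidden" name="([^"]+)" value="([^"]+)">', html))


# Constructed attacker page: an auto-submitting form aimed at the victim site.
ATTACKER_PAGE = f"""
<form id="f" action="{SITE}/account/email" method="POST">
  <input type="hidden" name="email" value="attacker@evil.example">
</form>
<script>document.getElementById("f").submit()</script>
"""


def run_scenario():
    """Victim logs in, then visits the attacker page; returns the outcome against each handler."""
    results = {}
    for handler_name in ("vulnerable_add_email", "hardened_add_email"):
        server, browser = Server(), Browser()
        sid = server.login("victim")
        browser.set_cookie(SITE, "session", sid)
        handler = getattr(server, handler_name)

        # Forged request: the browser attaches the victim's session cookie automatically.
        forged = browser.submit_form(ATTACKER, SITE, hidden_fields(ATTACKER_PAGE))
        forged_status = handler(forged)

        # Legitimate request from the site's own page, carrying the token it rendered.
        legit_fields = {"email": "victim@example.com", "csrf_token": server.csrf_token(sid)}
        legit_status = handler(browser.submit_form(SITE, SITE, legit_fields))

        results[handler_name] = {"forged": forged_status, "legit": legit_status,
                                 "emails": list(server.sessions[sid]["emails"])}
    return results


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(name, outcome)
```

The two checks in the hardened handler are independent: the token defends even if a browser omits the Origin header, and the Origin check defends even if the token leaks through some other bug. Marking the session cookie `SameSite=Lax` or `Strict` is a third, complementary layer, but it is a browser-side control and should not replace the server-side token.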

About : 
It was last September when Souq.com was a private program on HackerOne. I started working on Souq.com and found that the site was vulnerable…