December 2019 ~ ALI HASSAN GHORI

LinkCentre | Cross Site Scripting Vulnerability #2

10:00 Posted by Ali Hassan Ghori

It was another xss vulnerability in linkcentre. There's a little trick here to trigger xss. Hope you like it. Stay Connected :) @doubt2proud

iFixit | Forgot Password Mechanism Works as a Spam Machine

19:34 Posted by Ali Hassan Ghori

1) You got to go to Forgot Password webpage.{https://www.ifixit.com/login/forgot_password} 2) You will see an input text field where you can enter an e-mail address * Now, repeat the above 2 steps and you can keep sending e-mails to the same address again and again. You need to do is just simply Click Reset My password many times. "Attacker would automate HTTP requests and keep sending the e-mails" repeatedly. This could result in spamming where attacker enters the target e-mail address which might belong to anyone and keeps them sending bulk e-mails which makes the customer look at it as, spamming which is pathetic.

Linkcentre | Reflected Cross Site Scripting Vulnerability

16:17 Posted by Ali Hassan Ghori

1. Simply copy and paste the below URL in Google Chrome, Mozilla Firefox and IE.
https://www.linkcentre.com/search/?q=%27;prompt(document.domain);///

2. It will give you a popup which reflected on "q" parameter.
Bypassing Technique: \';alert(1);///

Tracing: Trace any email to know actual sender

22:59 Posted by Ali Hassan Ghori

*** How to Trace Emails Back to their Source IP Address ***
To trace the IP address of the original email sender, head to the first Received in the full email header. Alongside the first Received line is the IP address of the server that sent the email. Sometimes, this appears as X-Originating-IP or Original-IP. Find the IP address, then head to some IP Lookup online and paste the IP address to get the sender information.

@doubt2proud

Paypal | Open Url Redirection Vulnerability (paypal-biz.com)

22:57 Posted by Ali Hassan Ghori

An URL Redirection, also known as Open Redirection. It is occurs when web page is being redirected to another web page via a user controllable input.

Paypal-biz.com was vulnerable for this vulnerability. This was reported responsibly and is now accepting URLs only which are located on accepted domains.

@doubt2proud

Pinterest | Unvalidated Url Redirection

22:48 Posted by Ali Hassan Ghori Vulnerability

Pinterest website instapaper.com was vulnerable for Url Redirection. The steps followed are:
1- Visit: https://www.instapaper.com/user/login...
2- Login to the account.
3- The page instead of logging-in will be redirected to evilsite.com

@doubt2proud

ClubCollect | Url Redirection

22:46 Posted by Ali Hassan Ghori

1. Visit https://www.clubcollect.com/#home-form
2. Fill the Form by entering Name, email and captcha.
3. Turn your Interceptor ON and click on Send button, capture the request by Interceptor.
4. Change the default 'return_to' parameter value to directed domain.

@dout2proud

Walmart | Cross Site Scripting Vulnerability

22:45 Posted by Ali Hassan Ghori

Vulnerable Url: https://homeservices.walmart.com/blog/ It was observed that www.homeservices.walmart.com/blog/ page was vulnerable to XSS.

Shark-Watch | Cross Site Scripting Vulnerability

22:41 Posted by Ali Hassan Ghori

URI-BASED of the page https://www.shark-watch.com/en was vulnerable. The bug was reported responsibly. @doubt2proud