iFixit | Forgot Password Mechanism Works as a Spam Machine

19:34 Posted by Ali Hassan Ghori
1) You got to go to Forgot Password webpage.{https://www.ifixit.com/login/forgot_password} 2) You will see an input text field where you can enter an e-mail address * Now, repeat the above 2 steps and you can keep sending e-mails to the same address again and again. You need to do is just simply Click Reset My password many times. "Attacker would automate HTTP requests and keep sending the e-mails" repeatedly. This could result in spamming where attacker enters the target e-mail address which might belong to anyone and keeps them sending bulk e-mails which makes the customer look at it as, spamming which is pathetic.

Tracing: Trace any email to know actual sender

22:59 Posted by Ali Hassan Ghori
*** How to Trace Emails Back to their Source IP Address ***
To trace the IP address of the original email sender, head to the first Received in the full email header. Alongside the first Received line is the IP address of the server that sent the email. Sometimes, this appears as X-Originating-IP or Original-IP.  Find the IP address, then head to some IP Lookup online and paste the IP address to get the sender information.


Paypal | Open Url Redirection Vulnerability (paypal-biz.com)

22:57 Posted by Ali Hassan Ghori
An URL Redirection, also known as Open Redirection. It is occurs when web page is being redirected to another web page via a user controllable input.

Paypal-biz.com was vulnerable for this vulnerability. This was reported responsibly and is now accepting URLs only which are located on accepted domains.


ClubCollect | Url Redirection

22:46 Posted by Ali Hassan Ghori
1. Visit https://www.clubcollect.com/#home-form
2. Fill the Form by entering Name, email and captcha.
3. Turn your Interceptor ON and click on Send button, capture the request by Interceptor.
4. Change the default 'return_to' parameter value to directed domain.


Walmart | Cross Site Scripting Vulnerability

22:45 Posted by Ali Hassan Ghori
Vulnerable Url: https://homeservices.walmart.com/blog/ It was observed that www.homeservices.walmart.com/blog/ page was vulnerable to XSS.