MASKED USER INFORMATION LEAKAGE

Hey Guyes today i found a vulnerability of user information leakage due to improper auth token implementation in application.

DESCRIPTION:

some applications mask user informaion like mail id , phone no , adhar card, pain card or any personal information of use for user privacy. but due to some loop holes an attacker can see masked user information.

LETS CONTINUE HOW I FOUND :- ➤

1. Login in application

2. Click on deals and capture that request in burpsuite

3. Send that request in repeater tab check response

4. Now logout account check response same response appeared.

5. I tried to check with old auth token then also same response received

Phone number and mails are not showing in response⦽

1. I tried to bruteforce deals id

2. I got the username information like phone number ,mails of that user that is previously authenticated with that auth token.

So if an attacker got expired auth token then he can extract user information by that auth token

Precautions:

Auth token is implemented all over the application. Expired token should not be of used any more.

For this vulnerbility monetha gave a bounty but low 110$ , hence it have low impact: 🔻🔺

Comments

Passcode Protection Bypass By Brute Forcing On zoho (Cliq Application)

First We discuss about what is passcode and Why it is Implemented in Mobile Applications. PASSCODE Implemented in Mobile Application to protect Applications from an Unauthorized Access.like for example your cliq or any application account is logged in mobile phone .any your friend ask you to give phone , your friend try to open cliq application to see your message, but your friend cant open the application without entering passcode . he have to enter passcode for open, so it is an extra layer security in applications. Passcode protection implemented in Android Application is an extra layer security to protect an unauthorized access. How Passcode Protection is bypassed by Bruteforcing? You know that passcode protection or pin protection in mobile applications have some attempt to enter passcode , if you enter wrong passcode more than 5 times or 10 times based on application security , User logged out automatically and redirected to login page.but due to some ...

Exploitation of Improper Export of Activities In Android Application

In android You know that every GUI interface is an separate activity. An activity represents a single screen with a user interface just like window or frame of Java. In An application there are many activities depend on application functionalities. Let's take a example : An application that have three modules login , register and dashboard . For that there are there are three different activities for all these modules. What is export Means Here? In Android Application there is an attribute android: exported =true or false . This attribute is used in android to provide an access to other third party application to start their service , activities and receive broadcast messages. Like for an Example : If an application have broadcast receiver to receive any events or message , if in that application exported attribute is set to true then this broadcast message can also receive by other thi...

A New Way Of Brute force Passcode/Pin Protection By deep link

DESCRIPTION : AS you know already that what is passcode protection and why it is applied ? And how it is bypassed normally ? If you don’t know please read my previous blog: https://negativewives.blogspot.com/2020/04/passcode-protection-bypass-by-brute.html When any passcode protection is implemented first check any activity is exported or not ? Here we only talking the scenario where no activity is exported in application PROCEDURE : Open Application after implementing passcode protection. You see that passcode activity is launched first Go to AndroidMainfest.xml file and check launch mode of passcode activity . Question Arises in your mind - ...

NegativeWibes

Search This Blog