Business Logic Vulnerabilities Series: Hot Fixes Getting Cold, A journey of 7 Versions/Years of a sole Facebook vulnerability!

Hi Folks, This is the third part of A brief on Abusing Invitation Systems blog post, In case you have missed the previous parts of this story of write-ups, it is advised to have a sneak peak at the First & Second part before you go on with this post. So before we kick off to our case study let’s get a brief about some technical terms first, I am Ali Kabeel an Application Security Intern at Seekurity and let’s dive in…

Continue reading “Business Logic Vulnerabilities Series: Hot Fixes Getting Cold, A journey of 7 Versions/Years of a sole Facebook vulnerability!”

Share

Physical Security: Apple macOS Mojave screen lock glitch leaking the secrets behind it!


Let’s start with a simple question, what is Physical Security? and why it’s important?

Based on techtarget.com’s article:

Physical security is the protection of personnel, hardware, software, networks and data from physical actions and events that could cause serious loss or damage to an enterprise, agency or institution. This includes protection from fire, flood, natural disasters, burglary, theft, vandalism and terrorism.

Continue reading “Physical Security: Apple macOS Mojave screen lock glitch leaking the secrets behind it!”

Share

Fitbit – APIs and Access Control Failures, a simple API bug allowed to harvest millions of user private activities!


In this write-up we will show you how Seekurity team was able to harvest all the user’s private/custom activities leaves more than 20 million private custom activities data in danger.

First of all, this write-up is not a new one and the discovery itself is dated back to 2017 but we decided to disclose it right now after we gave Fitbit the reasonable amount of time to patch the vulnerability and to protect the health data about the users!

Continue reading “Fitbit – APIs and Access Control Failures, a simple API bug allowed to harvest millions of user private activities!”

Share

Google Drive: Bad implemented Logic leads to trivial bypass of any “Large File Download Quota Limits”!

TL;DR Today’s bug is a trivial bypass one which if exploited will give the attacker the ability to download a large file regardless of the quota limits that Google put in place as a mitigation/control for any kind of abuse.

Continue reading “Google Drive: Bad implemented Logic leads to trivial bypass of any “Large File Download Quota Limits”!”

Share

تطبيقات الفدية الخبيثة “رانسوموير” إحصائيات ونقاش ومعلومات وحلول

“الحقونى، ملفاتى كلها اتشفرت”

تقريباً مفيش اى حد مسمعش عن تطبيقات الفدية الخبيثة، واحد من اصل ١٠ اشخاص بيصابوا بيها، ومفيش مره ننزل فيها بوست على فيسبوك غير لما يكون فى على الاقل كومنت من نوع “الحقنى ملفاتى اتشفرت” او “الحقنى ملفاتى كلها اتغير امتدادها ومبقتش تفتح” او “سكرين شوت من سطح المكتب وكل الملفات اللى عليه متغيره”، لازم واحد من الكومنتات دى الاقيها على اى بوست بنزله حتى لو البوست ملهوش اى علاقه بأى شئ.

Continue reading “تطبيقات الفدية الخبيثة “رانسوموير” إحصائيات ونقاش ومعلومات وحلول”

Share

Trick or threat: De la confianza al sexting, la extorsión y el ciberacoso.

El pasado 31 de Noviembre fuimos invitados por la comunidad de Women Who Code Mexico City para dar una charla relacionada a la Seguridad Informática en las oficinas de Linio México.

Nuestra charla se enfocó en 3 temas “Sexting, extorsión sexual y el Ciberacoso“, ya que en los últimos años, los casos de extorsión sexual y el ciberacoso por parte de ex-parejas (principalmente) han aumentado considerablemente.

Continue reading “Trick or threat: De la confianza al sexting, la extorsión y el ciberacoso.”

Share

PAYFORT – Multiple Security Issues and Concerns in a PCI/DSS compliant payment processor SDK!

TL;DR A year ago we have been contacted by one of our clients from Middle east regarding looking for/implementing a payment processing solution for their own eCommerce solution and asked us to assist them in order to give them some candidates working in the same field in the middle east but we refused because our job is to assess not to suggest specific names, they suggested us some names but one among those names were a name-with-a-reputation but they ended up not choosing this name due to insecure implementation.

Continue reading “PAYFORT – Multiple Security Issues and Concerns in a PCI/DSS compliant payment processor SDK!”

Share

تحقيق وتحليل تقنى: جريدة الاهرام النسخة الانجليزية تقوم بإستخدام اجهزة الزوار لتعدين عملات رقمية بتكنيك مختلف وجديد!

موضة جديدة اتبعتها المواقع حديثا وهيا الكسب من خلال تعدين العملات الرقمية بدلا من استخدام اعلانات Google Ads او اى خدمة اعلانات اخرى على امل تحقيق مكسب اسرع، فى التحقيق دا هنتكلم عن جريدة “الاهرام اونلاين” وتعدين العملات الرقمية، واحد من متابعينا بتاريخ ٩ نوفمبر ٢٠١٨ بعتلنا على الصفحة الرسمية ل Seekurity ان موقع “جريدة الاهرام اونلاين النسخة الانجليزية” فيه مشكله وانه كل ما بيدخله اللابتوب بتاعه بيبدأ يبقى بطئ ويسخن، اول ما شوفت الرسالة وبدون حتى اى تفكير عرفت ان الموقع بيقوم بعمل تعدين لعملة رقمية ما.

Continue reading “تحقيق وتحليل تقنى: جريدة الاهرام النسخة الانجليزية تقوم بإستخدام اجهزة الزوار لتعدين عملات رقمية بتكنيك مختلف وجديد!”

Share

CryptoJacking by Clickjacking: Bypassing Coinhive OPT-IN feature and trick users into Cryptocurrency mining!

Today’s discovery is not a big deal too, just another Clickjacking in the world, but this time in the newly added “OPT-IN” feature by coinhive and authedmine but first let’s know some terms before we begin.

What is Coinhive?

Coinhive is a cryptocurrency mining service that relies on a small chunk of javascript code designed to be installed on Web sites.

Continue reading “CryptoJacking by Clickjacking: Bypassing Coinhive OPT-IN feature and trick users into Cryptocurrency mining!”

Share

Hak5 C2 (Cloud Command and Control) Self-hosted Server ClickJacking Vulnerability

Today’s discovery is not a big deal, just another Clickjacking in the world, this time in Hak5’s C2 (Cloud Command and Control) Server

First, let us know what is Hak5’s C2 (Cloud Command and Control) Server?
Hak5 C2 is a cloud self-hosted penetration testing platform lets you perform “Pentest from Anywhere” by connecting and using your Hak5 gear/products (WifiPineapple, Packet Squirrel or Lan Turtle) to a one unified dashboard and control those devices remotely through the cloud server.

Continue reading “Hak5 C2 (Cloud Command and Control) Self-hosted Server ClickJacking Vulnerability”

Share