I am Ali Kabeel an Application Security Intern at Seekurity team. This is my first blog i hope you like it. In this blog post I will be mainly focusing on Business Logic vulnerabilities by offering some tips and tricks on how to abuse invitation systems using real-world examples from my Facebook Bug Bounty experience but first let’s get a general knowledge about some concepts.
Continue reading “Business Logic Vulnerabilities Series: A brief on Abusing Invitation Systems”
2 months ago we have installed some servers in countries such as Germany and Singapore in which constantly we are receiving automated SSH bruteforce attacks trying to compromise the root user mainly from countries like China, Argentina, Brasil, Ecuador, Taiwan, Korea and India. After analyzing the traffic, we disabled the root user but hours later we started receiving attacks with different users, then we proceed to block the usage of users like: admin, test, guest, info, oracle, testing, webmaster and user.
Continue reading “List of IPs you should block in your SSH server”
[-] Product Description:
phpSocial is a Social Network Platform similar with Facebook, allowing users to interact with each other by live chatting, sending messages, comments, like, share photos, life events and so much more.
Continue reading “Cross-Site Scripting Vulnerability in phpSocial aka phpDolphin Social Network Script [CVE-2017-10801]”
Today we will talk about a session management vulnerability affects OpenProject with all its version before 6.1.6 (old Stable) and 7.0.3 (latest stable) and may lead to accounts compromise and perform unauthorized actions via physical access to the logged in user session. but first lets know some general info.
First what is OpenProject?
OpenProject is a web-based project management system for location-independent team collaboration. This open source application is released under the GNU General Public License Version 3 and is continuously developed by an active open source community.
In addition to numerous smaller OpenProject installations there are also some very large installations in global organizations with more than 2,500 projects.
Continue reading “OpenProject Session Management Security Vulnerability aka CVE-2017-11667”
Today we will discuss about a basic hunt of a reflected cross site vulnerability in SimpleRisk platform but first lets know some general details about the platform itself
What is SimpleRisk?
SimpleRisk is an open-source risk management system released under Mozilla Public License and used for risk management activities. It enables risk managers to account for risks, plan mitigation measures, facilitate management reviews, prioritize for project planning, and track periodic reviews. SimpleRisk allows risk managers to prioritize enterprise responses according to the severity of threats and vulnerabilities that could impact the business.
SimpleRisk sports a dashboard for submitting a new risk for consideration by your team, for creating risk reports and graphs of risk levels and locations. Highly configurable, SimpleRisk report generation is dynamic; risk formulas could be tweaked on the fly.
Continue reading “CVE-2017-10711: Reflected XSS vulnerability in SimpleRisk – Open Source Risk Management System”
Hi, I’m Seif Elsallamy a bug hunter from Seekurity Team, Today i will show you a critical reflected Cross Site Scripting bug affecting mail.ru and could be used as an XSS worm but first let’s dive into some general information.
Continue reading “Stored XSS in the heart of the Russian email provider giant (Mail.ru)”
I hope you all are fine and doing well. Yes you read it right, We managed to find a vulnerability in a framework used to exploit vulnerabilities! “Today is me tomorrow will be you” 🙂
Today we will talk about a CSRF vulnerability affects the web application of both versions (Express, Community and Professional) of Metasploit Project.
But first what is Metasploit? (Seriously maybe somebody out there don’t know about it yet :D)
Continue reading “Vulnerability in Metasploit Project aka CVE-2017-5244”
I’m not going to talk a lot about this issue because it’s a little bit trivial but it affects Godaddy’s parked domains redirector/processor.
Continue reading “Godaddy XSS affects parked domains redirector/processor!”
Hey There, How you doing?
In this blog post I will be talking about my experience with minor bugs chained together to steal sensitive tokens.
#1. Stealing CSRF tokens through Google Analytics.
While randomly testing things on apps.shopify.com, I landed at some random app page and hit the Write a review button, I wasn’t logged in so I was redirected to the login page and after logging in I was redirected to the application page again. Ok, that’s normal. However, what wasn’t normal is that the URL I got redirected to contained this GET parameter
Continue reading “Let’s steal some tokens!”
My name is Mahmoud, a web application penetration tester, I have recently joined Seekurity and today I will share with you the details of the National Cyber Security CTF we recently had in Egypt.
This year, CyberTalents organised a cyber security CTF in Egypt sponsored by Trend Micro which is probably the largest and most-organised CTF we ever had in the middle east.
Continue reading “CyberTalents CTF web security challenges write-up”