akkiliON (posted September 23, 2013):
Exploit: https://paypal-*.com - Source Code Disclosure
Author: akkiliON
Severity: Very High
Status: Submitted
PoC:
Now I'm waiting to see whether they validate it. A case has been opened.
Stfean_Iordache (posted September 23, 2013):
Hold on, did you actually get hold of PayPal's login details? You could make millions :)
akkiliON (posted September 23, 2013):
It's a partner site (paypal-*). Not paypal.com. Yes, I found the username, password, db & db_name.
Stfean_Iordache (posted September 23, 2013):
Aha, and could you exploit anything from it? Make yourself some pocket money.
SilenTx0 (posted September 23, 2013):
> Aha, and could you exploit anything from it? Make yourself some pocket money.
He has user, pass, db. What do you think? Or are you just leaving another reply to bump your post count and look interesting? Besides, aki is a good boy :> he wouldn't do such a thing. Isn't that right, akkilion?
Eric (posted September 23, 2013):
I'm curious how much you'll get. Good job!
Stfean_Iordache (posted September 23, 2013):
> He has user, pass, db. What do you think? Or are you just leaving another reply to bump your post count and look interesting? Besides, aki is a good boy :> he wouldn't do such a thing. Isn't that right, akkilion?
You try pulling some CCs out of a blog.... The domain matters, since it's not paypal, it's something paypal-related.... Maybe it's the chat section or who knows what, somewhere no money flows at all....
dekeeu (posted September 23, 2013):
It would be `nice` if the PP folks changed the db user and password and told you there's no threat.
tpad (posted September 23, 2013):
> It would be `nice` if the PP folks changed the db user and password and told you there's no threat.
34. Jesus saw that he had answered wisely and said to him: "You are not far from the Kingdom of God."
akkiliON (posted September 24, 2013):
@SilenT - Yes, of course, I'm a good boy.
@Eric - I'm wondering the same thing.
@Stfean_Iordache - I don't think they have CCs + I don't need them even if they do.
@Toshib4 - Shhh. You'll scare the fish.
@tpad - https://i.chzbgr.com/maxW500/7793529856/h8E7B0415/
1337 (posted September 24, 2013):
> He has user, pass, db. What do you think? Or are you just leaving another reply to bump your post count and look interesting? Besides, aki is a good boy :> he wouldn't do such a thing. Isn't that right, akkilion?
And what if the MySQL server is on localhost?
akkiliON (posted September 24, 2013):
> And what if the MySQL server is on localhost?
I'd have to get hold of the IP. I only have the port. It's kind of bad. Anyway, I was going to go in to see what they have. But I wasn't going to take anything or add anything.
define("DB","localhost:*****
At least let me get something for it, then.
1337 (posted September 24, 2013):
There's nothing you can do with the IP if the server only runs locally, unless you have a tunnel through the site in question. It doesn't matter whether it's on localhost: it's source code disclosure and I consider it a mid to high-risk vulnerability. Congratulations!
akkiliON (posted September 24, 2013):
> There's nothing you can do with the IP if the server only runs locally, unless you have a tunnel through the site in question. It doesn't matter whether it's on localhost: it's source code disclosure and I consider it a mid to high-risk vulnerability. Congratulations!
Thanks. It's my first SCD on a site I can call fairly big.
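To make the localhost point above concrete, here is an added defender-side audit (example code, not from the thread, from the reporter or from PayPal). It assumes a PHP config that uses define() with string literals, modelled on the single redacted define("DB","localhost:... line quoted in the thread; it flags the credential literals a source code disclosure would hand over, shows the hardened variant that reveals nothing, and notes whether the DB host is local, which limits direct reachability but not the need to rotate.

```python
import re

# Constructed sample, modelled on the redacted define("DB","localhost:...") line
# quoted in the thread; every value is a placeholder, not data from the report.
EXPOSED_CONFIG = '''<?php
define("DB", "localhost:3306");
define("DB_NAME", "shopdb");
define("DB_USER", "shop_user");
define("DB_PASS", "placeholder-not-real");
define("SITE_TITLE", "Partner Shop");
'''

# Hardened variant (hypothetical): secrets come from the environment, so a
# disclosed copy of the source reveals no credentials.
HARDENED_CONFIG = '''<?php
define("DB", getenv("DB_HOST"));
define("DB_NAME", getenv("DB_NAME"));
define("SITE_TITLE", "Partner Shop");
'''

# Matches define("NAME", "literal") only; expression values such as getenv() do not match.
DEFINE_RE = re.compile(r'define\(\s*"([A-Z_]+)"\s*,\s*"([^"]*)"\s*\)')
SENSITIVE_RE = re.compile(r'^DB|PASS|SECRET|TOKEN|KEY', re.I)
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

def parse_defines(php_src):
    """Map constant name -> string literal for every literal define() in the source."""
    return dict(DEFINE_RE.findall(php_src))

def sensitive_literals(defines):
    """Constants whose name suggests a credential or DB connection detail."""
    return {k: v for k, v in defines.items() if SENSITIVE_RE.search(k)}

def db_host_is_local(defines):
    """True when the DB constant (host:port form) points at the local machine."""
    host = defines.get("DB", "").split(":")[0]
    return host in LOCAL_HOSTS

def assess(php_src):
    """Rate what a source code disclosure of this file would expose."""
    defines = parse_defines(php_src)
    leaked = sensitive_literals(defines)
    if not leaked:
        return {"severity": "low", "leaked": [], "note": "no credential literals"}
    if db_host_is_local(defines):
        note = ("DB bound to localhost: not reachable from outside directly, "
                "but the credentials are live on the host; rotate them")
    else:
        note = "DB host is remote: disclosed credentials may work directly; rotate them"
    return {"severity": "high", "leaked": sorted(leaked), "note": note}
```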
tpad (posted September 24, 2013):
I was being ironic, given PP's history of pulling shady tricks with its reward program.
akkiliON (posted September 24, 2013):
> I was being ironic, given PP's history of pulling shady tricks with its reward program.
Ok then.
florin_darckCoi (posted September 24, 2013):
Vulnerability reported.
akkiliON (posted September 26, 2013):
News: they validated my bug.
J (posted September 26, 2013):
Out of curiosity, how much do you expect to get?
Eric (posted September 27, 2013):
> @Eric - I'm wondering the same thing.
> @Stfean_Iordache - I don't think they have CCs + I don't need them even if they do.
Freedom is far too expensive to be lived in captivity (I hope the irony comes through). Keep your status as a pentester and don't let yourself be influenced by the PMs you get saying "I swear on my mother, boss, you'll make umpteen thousand bucks here with us if you've got that vuln". The hall of fame helps the CV far more. There's a song somewhere with a simple line, "better to take money than years"; I still say keep this attitude and don't let yourself be influenced, and that goes for all of rst. I don't want to go off-topic or moralize at you, everyone does what they want. In the end, what is the profit?!
akkiliON (posted September 27, 2013):
> Freedom is far too expensive to be lived in captivity (I hope the irony comes through). Keep your status as a pentester and don't let yourself be influenced by the PMs you get saying "I swear on my mother, boss, you'll make umpteen thousand bucks here with us if you've got that vuln". The hall of fame helps the CV far more. There's a song somewhere with a simple line, "better to take money than years"; I still say keep this attitude and don't let yourself be influenced, and that goes for all of rst. I don't want to go off-topic or moralize at you, everyone does what they want. In the end, what is the profit?!
Well, I don't know yet. I haven't received the money yet, only that the bug is valid and that I'll get some money. I'll come back with a message when they pay me.
akkiliON (posted October 10, 2013, edited):
Type | Domain | Payment Type | Status | Amount Paid
Information Disclosure | paypal-*.com | Initial Payment | Valid | 50
Look how much I got. This is the first tranche. I'm waiting for the second one.
Total = 100$
Well done Paypul@!
Edited October 10, 2013 by akkiliON
mah_one (posted October 10, 2013):
I also once got 50$ as "Initial Payment", and the "Remaining bounty" was 450$ for an XSS in billsafe.de.
akkiliON (posted October 10, 2013):
> I also once got 50$ as "Initial Payment", and the "Remaining bounty" was 450$ for an XSS in billsafe.de.
But I certainly won't get more, because it's a partner site ... If I get more, I'll come back with a message. Thanks for the info.
.darky (posted October 10, 2013):
> Total = 100$