
[Flash Cross Domain Policy] *.Nokia.com

Guest Kronzy

#Type of vuln : Flash Cross Domain Policy

#Target : www.*.nokia.com

#Author : KRONZY

#P.O.C : JdQDRpC.png

#References : 1. https://www.owasp.org/index.php/Test_RIA_cross_domain_policy_%28OTG-CONFIG-008%29

2. CWE - CWE-942: Overly Permissive Cross-domain Whitelist (2.8)

3. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2227

Reported, low level.

Edited by Kronzy


Useless. Good luck uploading a file with a Flash application that makes that cross-domain request to fetch the source of the account-settings page, and then making another request with the CSRF token obtained earlier to change the password or something.

Oh yes, obviously, since you linked to OWASP it's surely convincing and professional.

Edited by 0xStrait

The crossdomain policy on the main domain isn't very safe either.

<allow-access-from domain="*.nokia.com"/>
<allow-access-from domain="*.nokia.ie"/>
<allow-access-from domain="*.nokiausa.com"/>
<allow-access-from domain="*.nokia.co.za"/>
<allow-access-from domain="*.nokia.fr"/>
<allow-access-from domain="*.nokia.it"/>
<allow-access-from domain="*.nokia.de"/>
<allow-access-from domain="*.nokia.es"/>
<allow-access-from domain="*.nokia.nl"/>
<allow-access-from domain="*.nokia.co.in"/>
<allow-access-from domain="*.nokia.com.sg"/>
<allow-access-from domain="*.nokia.be"/>
<allow-access-from domain="*.nokia.ru"/>
<allow-access-from domain="*.nokia.fi"/>
<allow-access-from domain="nokia.fusepump.com"/>

So this one can also be exploited using the method Paulos Yibelo applied to Oculus: Facebook’s Oculus – Cross-Site Content Hijacking (XSCH) to Bypass SOP ~ Paulos Yibelo - Official Blog

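For whoever maintains a policy like the one quoted above, a small audit of its `allow-access-from` entries; this is an added example, not part of any post in the thread. The `<cross-domain-policy>` wrapper, the sample subset, the function names and the `own_suffixes` list are assumptions made for the illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: three of the entries quoted in the post above, wrapped in
# an assumed <cross-domain-policy> root element.
SAMPLE_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*.nokia.com"/>
  <allow-access-from domain="*.nokia.co.za"/>
  <allow-access-from domain="nokia.fusepump.com"/>
</cross-domain-policy>"""


def classify(domain):
    """Return (severity, reason) for one allow-access-from domain value."""
    if domain == "*":
        return "high", "any origin may read authenticated responses"
    if domain.startswith("*."):
        # Trust extends to every host under the suffix, including any host
        # that serves user-uploaded or otherwise untrusted content.
        return "medium", "every subdomain of %s is trusted" % domain[2:]
    if "*" in domain:
        return "medium", "wildcard in an unexpected position"
    return "info", "single host: confirm it is still owned and needed"


def audit_policy(xml_text, own_suffixes):
    """Return one finding per allow-access-from entry in a crossdomain.xml."""
    root = ET.fromstring(xml_text)
    findings = []
    for node in root.iter("allow-access-from"):
        domain = node.get("domain", "").strip().lower()
        severity, reason = classify(domain)
        host = domain[2:] if domain.startswith("*.") else domain
        # Hosts outside the organisation's own suffixes are third-party trust.
        third_party = not any(
            host == s or host.endswith("." + s) for s in own_suffixes)
        # secure="false" lets content loaded over HTTP read HTTPS responses.
        allows_http = node.get("secure", "true").lower() == "false"
        findings.append({"domain": domain, "severity": severity,
                         "reason": reason, "third_party": third_party,
                         "allows_http": allows_http})
    return findings


if __name__ == "__main__":
    for f in audit_policy(SAMPLE_POLICY, ("nokia.com", "nokia.co.za")):
        print(f["severity"], f["domain"], "-", f["reason"],
              "(third party)" if f["third_party"] else "")
```

Each wildcard finding is a prompt to replace the entry with the specific hosts that actually need cross-domain reads.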

Guest Kronzy
He doesn't run scanners only on sites with Bb. He ran them on others too.

I want some proof from you that I used scanners; first of all, I don't use anything like that.

2. I only use Burp Suite, because of Intruder, requests, spider.

3. Stop being off-topic; half of your posts are off-topic.


Congratulations @Kronzy, let us know when they reply. As for you, quadxenon, stop going off-topic in the man's thread. (You could have sent him a PM that he forgot his IP in the picture, and that's that.)

OK, next time I'll send him a PM and tell him: Kronzy, you forgot to hide your IP in the top right of this screenshot: fixed

Edited by nedo

Guest Kronzy
OK, next time I'll send him a PM and tell him: Kronzy, you forgot to hide your IP in the top right of this screenshot:

I don't think it was necessary for you to post the picture again, since I blurred the IP.

Edited by Kronzy