Lucene search

K
huntrAhmedvienna54FB6D6A-6B39-45B6-B62A-930260BA484B
HistoryMar 17, 2023 - 2:32 p.m.

strong Password Policy Bypass through removing a specific Parameter and setting the Passwort to 1

2023-03-1714:32:15
ahmedvienna
www.huntr.dev
3
password policy
security issue
proxy submission
bypass
passwort restriction
password change
passwort 1
login bypass
successful bypass
bug bounty

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

Hello,

i was able to detect another password security issue.

While changing the password the attacker can use the proxy and submit for example password as 1.

Altough there is a passwort policy restriction but i managed to bypass that.

Let me show you :)

The Password is now 2 lets change it to HACK

As you can see we have a password policy at least 8 characters with one digit.

Lets change the password to 1 by deleting the first newpassword and leaving the confirmation.

After that we will login with the passwort 1 to the app.

lets see :)

changed the passwort from 2 to 1 lets see the reply and output


profile and passwort accepted.

lets login with the username: [email protected]
adn PASS: 1

As you can see the password is 1 lets login.

as you can see we have logged in successfully.

Will show it you again.

Bypass for the strong password policy.

Thank you for watching :)

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

56.9%

Related for 54FB6D6A-6B39-45B6-B62A-930260BA484B