Hilton Hotels official website CSRF vulnerability - Vulnerability warning - MyHack58 (黑吧安全网)

ID MYHACK58:62201560315
Type myhack58
Reporter Anonymous
Modified 2015-03-25T00:00:00



The official website of the world-class hotel chain Hilton Hotels has a CSRF (cross-site request forgery) vulnerability. Although most security researchers do not regard CSRF as a "high-risk" class of vulnerability, the impact of this one is not small.

Changing your password earns 1000 points

The world-class hotel chain Hilton recently launched a campaign to encourage users to change their passwords more often and raise their security awareness: anyone who changes their account password before April 1 receives 1000 free points. Ironically, security researchers found a CSRF vulnerability in this very promotional feature: as long as an attacker knows or guesses a Hilton HHonors member's 9-digit membership number, they can hijack that member's account.


The vulnerability was discovered by Brandon Potter and JB Snyder, technical advisors at the security consulting and testing firm Bancsec.

After hijacking the victim's account through the CSRF vulnerability, the attacker can view all of the user's information and can also change it, including changing the account password, viewing pages the user previously browsed, redeeming Hilton points to book hotel rooms, cashing points out to a bank card, or transferring them to another HHonors member's account. The vulnerability also exposes the user's email address, home address, and even the last 4 digits of their credit card number.

Another reason this CSRF vulnerability is rated as dangerous is that when a logged-in user changes their password on the website, they are not required to re-enter their original password.
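To make the two missing controls concrete, here is an added example (not Hilton's code) of a password-change handler that rejects exactly the kind of request described above: it demands a per-session anti-CSRF token and re-authentication with the current password before anything is written. The names Session, Request, change_password and the in-memory user store are assumptions constructed for this illustration.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed user store: member_number -> (salt, pbkdf2 hash). Not a real backend.
USERS = {}


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def register(member_number: str, password: str) -> None:
    """Create or rotate a member's credential with a fresh salt."""
    salt = secrets.token_bytes(16)
    USERS[member_number] = (salt, _hash(password, salt))


@dataclass
class Session:
    member_number: str  # the 9-digit HHonors number the site keys accounts on
    # Per-session secret; a cross-site page cannot read it, so a forged form cannot send it.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    member_number: str
    new_password: str
    current_password: Optional[str] = None  # the vulnerable site never asked for this
    csrf_token: Optional[str] = None        # nor for this


def change_password(session: Session, req: Request) -> str:
    """Return 'ok' or the reason the request was refused. All checks run before any write."""
    # 1. The logged-in session, not a number in the request body, names the account.
    if req.member_number != session.member_number:
        return "member mismatch"
    # 2. Anti-CSRF token, compared in constant time.
    if not req.csrf_token or not hmac.compare_digest(req.csrf_token, session.csrf_token):
        return "missing or invalid csrf token"
    # 3. Re-authentication: the current password is something a forged request cannot supply.
    salt, stored = USERS[session.member_number]
    if req.current_password is None or not hmac.compare_digest(_hash(req.current_password, salt), stored):
        return "current password required"
    register(session.member_number, req.new_password)  # rotate salt and hash
    return "ok"
```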

The researchers demonstrated the vulnerability using their own membership card
