1235 matches found
HackerOne: Email spoofing
There are few email spoofing tool is available free.one them is http://emkei.cz/ when I tried to send a email from ███████ to my email ,it was successful but when i tried to send the another from ██████ , i did not receive any email.Hence, there might be some configuration missing in your mail...
HackerOne: Logical issues with account settings
earlier email was not allowed to change ,but now there is no verification on changing email. when user try to change the password , they were asked to verify the request by entering old password. For the same reason a verification should be there on changing email.The worst part is hackone send...
HackerOne: DNS Cache Poisoning
I noticed if I made a request to your website, intercepted the request, and added the header... X-Forwarded-Host: evil.com it would redirect me to evil.com. Well, after that, I tried going to hackerone.com and I was instantly redirected to evil.com. This is a result of DNS cache poisoning...
HackerOne: Flawed account creation process allows registration of usernames corresponding to existing file names
As requested by Alex: "You mentioned in the report to contact you on this account instead. Is this the email address you prefer to use for payment? If so, would you mind resubmitting the issue from this account so we can issue a payout to the proper account?" ---------- The account creation proce...
HackerOne: GIF flooding
Current limits --------------------- Image size: 1 MB Image dimensions: 2048x2048px File types: jpg/png/gif Another image hack --------------------- A GIF composed of 40k 1x1 images made Paperclip freeze until timeout. As attachments I sent the file composed of 40k images, and a screenshot of the...
HackerOne: Session not expired on logout
hackerone.com website is not expiring the user's session immediately after logout. Steps to verify: 1. Log into the website - hackerone.com. 2. Capture any request. For ex, profile edit page using burp proxy. 3. Logout from the website. 4. Replay the request captured in step 3 and notice it...
HackerOne: Privilege escalation..., or not?!
I just created the admin profile, go check it out: https://hackerone.com/nimda Or see attached image! This is very much related! svg/onload=alert1// Free iPad Here! This is Unrela...
HackerOne: CSP not consistently applied
Also thought I'd formally submitted the issue we discussed yesterday, that sometimes the CSP response headers served are missing for browsers that don't support them, but then the page without these headers can be cached by Cloudflare. This makes it easier to mount a XSS attack...
HackerOne: RTL override symbol not stripped from file names
Any U+202E RIGHT-TO-LEFT OVERRIDE and similar symbols in file names of uploaded files are not stripped from the file name, causing potentially malicious executables to look like harmless images, for example. This might trick HackerOne panel members into accidentally opening evil h4x0r filez. I’ve...
HackerOne: Session Management
Hackerone fails to expire the session cookie from the server side even when the user logs off upon clicking "Sign-Out" from the application. The cookie is cleared from the client side browser, but is not cleared from the server side. If reused, it provides access to the user's account. Upon loggi...
HackerOne: Broken Authentication and session management OWASP A2
Description: Session management issue in https://www.hackerone.com Cookies are used to maintain session of the particular user and they should expire once the user logs out of his hackerone account.In secure web application,Cookies immediately expire once the user logs out of his account. But thi...
HackerOne: Real impersonation
When you view merijn.html his profile shows the profile page of the merijn user although the former is a completely different user. This way users can potentially impersonate other users...
HackerOne: Flawed account creation process allows registration of usernames corresponding to existing file names
The account creation process allows to set up account names corresponding to names of server ressources, e.g. I just successfully created an account robots.txt which results in a profile path of https://hackerone.com/robots.txt and results in an bugged account as accessing account settings etc is...
HackerOne: Missing SPF for hackerone.com
There is no TXT record in DNS zone that defines Sender Policy Framework entry for domain hackerone.com. This makes it easy to spoof your e-mail address...
HackerOne: Login page password-guessing attack
A brute-force attack is an attempt to discover a password by systematically trying every possible combination of letters, numbers, and symbols until you discover the one correct combination that works. hackerone.com page doesn't have any protection against password-guessing attacks brute force...