Showing posts with label Bypass. Show all posts

Saturday, 30 June 2018

Bypass Rate Limit Brute Force Protection Login Attempt Protection Captcha Bypass



Hello all. While pentesting an application we may run into brute force protection, login attempt protection and captcha-based protection, so today we will see how to "Bypass Rate Limit Brute Force Protection Login Attempt Protection Captcha Bypass".

First of all, we will not use any kind of ready-made tools for this, so let's begin!

Many people will think that this is a small issue, but if we look closely from an attacker's point of view, we will see that brute forcing a login panel can allow an attacker to gain administrative privileges, instead of looking for vulnerabilities like RCE, SQL injection and other critical vulnerabilities which might also allow us to take root or administrator-level access.

Here I am describing many different techniques which I have observed while pentesting or hunting bugs.


Friday, 29 June 2018

Backup Vulnerability Vulnerability Exploitation




cPanel WebDisk Android App 4.0 : Backup Vulnerability

Hello folks,

This vulnerability concerns Insecure Data Storage & Security Misconfiguration, which can be achieved using the Android Backup functionality.

We all know that many mobile applications store user credentials or other sensitive data on the device itself in clear text, which ideally is not a good practice.

But many of us might know that to access that data we need root privileges or some special condition such as debugging being enabled. So even if the mobile application is storing sensitive data in clear text, it's not an issue. Many security teams and bug bounty programs specifically exclude this kind of vulnerability, where root/jailbroken conditions are required to exploit it.

Wednesday, 2 March 2016

Hacking Facebook Polls: Access Control Vulnerability

Hacking Facebook Polls - Poll Access Control Vulnerability: Dead Pool Version




Hello All,

It's been a very long time since I was involved in bug bounty work, for various reasons. Today we will see how I was able to hack Facebook Polls. While surfing Facebook groups, a module called "Polls" got my attention. Using this module, admins/group members can create polls to get group members' reactions.

Basically, the vulnerability is about "Access Control" in Facebook polls. There are two controls which Facebook offers, and one of them is "Allow anyone to add options". If the poll creator has disabled this option, then users can't add more options to the poll, and even the admin can't; if it is not disabled, then any group member can add more options to the poll.





Analysis Part

Tuesday, 31 March 2015

Abusing Windows Opener To Bypass Certain Restriction ( CSRF Bypass )



Hello all =D , Hope you are doing well

Today we will see how we can abuse the Windows Opener function to bypass certain restrictions in a web application.

So first let's see what the Windows Opener function is.

According to the Mozilla Developer Guide:

When a window is opened from another window, it maintains a reference to that first window as window.opener. If the current window has no opener, this method returns NULL. Windows Phone browser does not support window.opener. It is also not supported in IE if the opener is in a different security zone.

===================================================================

Sunday, 2 November 2014

Modx XSS And CSRF Bypass "CVE-2014-8773 , CVE-2014-8774 , CVE-2014-8775"


Modx XSS And CSRF Bypass


Hello all bros :) ;), leets and learners, hope you all are well and enjoying your bounties as well ;)

Today we will see how I got Modx XSS And CSRF Bypass (Modx CSRF + XSS = A Perfect Disaster) ;)

Attacker Scenario Is Inspired From Symantec CSRF

So What Is Modx

MODX is the web content management system (CMS) that gives you complete control over your site and content, with the flexibility and scalability

Wednesday, 25 June 2014

Wordfence Firewall Plugin XSS "CVE-2014-4664"



"Wordfence Firewall Plugin XSS"  "CVE-2014-4664"


Hello all friends, it has been a long time since I talked or posted about an XSS vulnerability. My last post about XSS was the Google XSS, which I found last year at the start of my career.

So let's come to the post.

Today we will see how I got "Word Press Firewall Plugin Wordfence XSS"

Monday, 23 June 2014

Referrer CSRF Bypass ( Not Effective But Alternative )




Referrer CSRF Bypass ( Not Effective But Alternative )


=============================================


Hello all friends, we are meeting again in a very short time ;-)

Today we will see how we can achieve a Referrer CSRF Bypass by using a chained vulnerability.


So let's begin

Wednesday, 24 April 2013

Symantec CSRF Bypass Vulnerability


Symantec CSRF Vulnerability
Hello friends, here I come with another vulnerability article.

The official website of the well-known Symantec Antivirus is vulnerable to a CSRF vulnerability...

First I went to the Symantec customer login page and created my own test account for testing. I switched to Live HTTP Headers, and then I got stuck. Why? There is a CSRF token called "Nonce"