Yahoo! The 4th most visited website on the Internet has been found vulnerable multiple times, and this time a hacker has claimed to spot a critical vulnerability in the Yahoo! sub-domain 'suggestions.yahoo.com', which could allow an attacker to delete all the posted threads and comments on Yahoo's Suggestion Board website...
Egyptian Cyber Security Analyst, 'Ibrahim Raafat', found and demonstrated 'Insecure Direct Object Reference Vulnerability' in Yahoo's website on his blog.
Exploiting the flaw escalates the user privileges that allow a hacker to delete more than 365,000 posts and 1,155,000 comments from Yahoo! Database. Technical details of the vulnerability are as explained below:
Deleting Comments: While deleting his own comment, Ibrahim noticed the parameters of the HTTP POST request, i.e.
prop=addressbook&fid=367443&crumb=Q4.PSLBfBe.&cid=1236547890&cmd=delete_comment
where the parameter 'fid' is the topic ID and 'cid' is the ID of the comment. While testing, he found that changing the fid and cid parameter values allowed him to delete other comments from the forum that were actually posted by other users.
Deleting Posts: Next, he also tested the post deletion mechanism and found a similar loophole in it. A normal HTTP POST request for deleting a post is:
POST cmd=delete_item&crumb=SbWqLz.LDP0
He found that appending the fid (topic id) parameter to the request allowed him to delete the respective post, even though it was not posted by himself, i.e.
POST cmd=delete_item&crumb=SbWqLz.LDP0&fid=xxxxxxxx
Ibrahim has reported the flaw to the Yahoo Security team and also provided a video demonstration, as shown below:
A potential attacker with little knowledge of programming could write an automated script to delete all the comments and posts.
The vulnerability hunter claimed that he received a Bug Bounty for reporting this security flaw to Yahoo, which has now been fixed by the company.
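The root cause described above is an authorization check that is missing on the server: the crumb proves the request came from a logged-in session, but nothing ties the fid/cid the client sends to the objects that session is allowed to delete. The following is an added example, not Yahoo's code and not taken from Ibrahim Raafat's write-up: a small in-memory model of a suggestion board with the two delete operations (delete_comment taking fid and cid, delete_item taking fid), showing the vulnerable handler next to a hardened one that decides from the stored object's owner. All users, topic/comment IDs and crumb values are constructed for the example.

```python
# Added example, not code from Yahoo or from the original write-up.
# Minimal in-memory model of a suggestion board with the two delete operations
# discussed in the article, showing the missing ownership check behind an
# Insecure Direct Object Reference beside a hardened handler.
# All users, ids and crumbs below are constructed.

from dataclasses import dataclass, field


@dataclass
class Comment:
    cid: int
    fid: int       # topic the comment belongs to
    author: str


@dataclass
class Topic:
    fid: int
    author: str
    comments: dict = field(default_factory=dict)   # cid -> Comment


def make_board():
    """Constructed sample data: two users, each owning one topic and one comment."""
    topics = {
        100: Topic(100, "alice", {5001: Comment(5001, 100, "alice")}),
        101: Topic(101, "bob", {5002: Comment(5002, 101, "bob")}),
    }
    crumbs = {"alice": "crumb-alice", "bob": "crumb-bob"}   # per-session anti-CSRF tokens
    return topics, crumbs


def _authenticated(crumbs, user, crumb):
    # The crumb proves the request came from the user's own session (anti-CSRF);
    # it says nothing about which objects that user may touch.
    return crumbs.get(user) == crumb


def vulnerable_delete_comment(topics, crumbs, user, crumb, fid, cid):
    """Looks the comment up purely by client-supplied fid/cid and deletes it.
    Authentication passes, but authorization is never checked."""
    if not _authenticated(crumbs, user, crumb):
        return "bad crumb"
    topic = topics.get(fid)
    if topic is None or cid not in topic.comments:
        return "not found"
    del topic.comments[cid]
    return "deleted"


def hardened_delete_comment(topics, crumbs, user, crumb, fid, cid):
    """Same request shape; the decision is made from the stored object's owner."""
    if not _authenticated(crumbs, user, crumb):
        return "bad crumb"
    topic = topics.get(fid)
    comment = topic.comments.get(cid) if topic else None
    # Looking the comment up through its topic means a cid from another topic is
    # simply not found; the fid comparison is belt-and-braces for stores keyed by cid.
    if comment is None or comment.fid != fid:
        return "not found"
    if comment.author != user:
        return "forbidden"    # worth logging: a legitimate client never sends someone else's ids
    del topic.comments[cid]
    return "deleted"


def vulnerable_delete_item(topics, crumbs, user, crumb, fid):
    """Deletes whichever topic the client-supplied fid names."""
    if not _authenticated(crumbs, user, crumb):
        return "bad crumb"
    if fid not in topics:
        return "not found"
    del topics[fid]
    return "deleted"


def hardened_delete_item(topics, crumbs, user, crumb, fid):
    """Only the topic's own author may delete it, whatever fid the client sends."""
    if not _authenticated(crumbs, user, crumb):
        return "bad crumb"
    topic = topics.get(fid)
    if topic is None:
        return "not found"
    if topic.author != user:
        return "forbidden"
    del topics[fid]
    return "deleted"


def demo():
    """Bob, holding his own valid crumb, sends Alice's ids to both handler versions."""
    topics, crumbs = make_board()
    weak = (vulnerable_delete_comment(topics, crumbs, "bob", "crumb-bob", 100, 5001),
            vulnerable_delete_item(topics, crumbs, "bob", "crumb-bob", 100))
    topics, crumbs = make_board()
    strong = (hardened_delete_comment(topics, crumbs, "bob", "crumb-bob", 100, 5001),
              hardened_delete_item(topics, crumbs, "bob", "crumb-bob", 100),
              hardened_delete_item(topics, crumbs, "bob", "crumb-bob", 101))   # his own topic
    return weak, strong


if __name__ == "__main__":
    print(demo())   # (('deleted', 'deleted'), ('forbidden', 'forbidden', 'deleted'))
```

The hardened handlers answer "forbidden" for another user's object so the distinction is visible here; a production service may prefer to return the same "not found" response for both cases so that probing ids does not confirm which ones exist, and should count "forbidden" responses per session, since a run of them from one account is the signature of exactly the enumeration the article describes.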