Friday, November 23, 2018

Password Information Disclosure Vulnerability on Scribd.com

How i Found Information Disclosure on Scribd.com


hi, this is my first write up on medium.com.
11 days ago i found a vulnerability on scribd.com when i finding an answer of my homework ( I was lazy at that time).
then I made a document and made the document private
In my heart I thought that the download button made me curious, so I decided to intercept before pressing the download button. and I found a Request with the POST method in the url: https://www.scribd.com/document_downloads/request_document_for_download 
Then I will make a document and give a password (make private) the document and try to get access from another account. After that I created a new account and made a CSRF whose contents were more or less like this: 
<html> <title> Scribd VUlnerability </ title> <body> <form action = “https://www.scribd.com/document_downloads/request_document_for_download" method = “POST”>
<input type = “hidden” name = “id” value = “(ID FILE)” />
<input type = “submit” value = “Submit request” />
</ form>
 </ body>
 </ html>. 
and try to do pentesting. 
Bingo! after that I managed to get the password to see the private document. After that I asked whether there was a bug bounty program or not to the IT security scribd. after 11 days (When I wrote this) I immediately reported this bug to the Scribd team so that it could be fixed. 
Full Video PoC on my Blog :
https://raflipasya19.blogspot.co.id
My Youtube Channel :
T-GOX Channel


Status:
  • 19 November 2018 16:59 PM = Reported To Scribd Security Team
  • 20 November 2018 01:58 AM = Their team Triage my report
  • 23 November 2018 09:50 PM = No Respon, I disclose this report xD

Load disqus comments

0 comments