David Sopas – Web Security Researcher

yahoo

07/01/16 Swag # , , , , ,

Companies that I’ve helped improve their security

Companies that I’ve helped improve their security

Google, Yahoo!, eBay, Microsoft, Etsy, Nexmo, Weebly, Edmodo, HackerOne, Desk, Adobe, ArubaNetworks, Condé Nast, Linkedin, Acunetix, SendGrid, Rocky Bytes, DepositFiles, Workable, MailChimp, Prestashop, HP, Kaspersky, OLX, RunKeeper, Tumblr, ESET, Symantec, Dowjones, Issuu, Jobs.cz, Alexa/Amazon, McAfee, Booking, AVG, Panda Security, Hootsuite, Circle, DoSomething, Zendesk, Nokia, 123 Contact Form, FoxyCart, Orkut, Segment.io and SilentCircle.

The other ones are private 🙂

0 likes no responses
25/09/15 Interesting Readings , Tips and Tricks # , , , , ,

Yahoo! and other sites vulnerable to Open Redirect

Yahoo! and other sites vulnerable to Open Redirect

A couple of portuguese security researchers published a article about a vulnerability on Linkedin and Yahoo! that allows a malicious user to redirect victims to other sites. The problem is/was located on a vulnerable version of Express – Node.js web application framework.

So with a simple modification in the URL you get a Open Redirect attack:

https://touch.www.linkedin.com////www.google.com/%2e%2e

http://developer.yahoo.com////www.google.com/%2e%2e

http://publish.yahoo.com//www.google.com/%2e%2e

Both Yahoo! attacks are still open to attack and working in Firefox and Opera browsers.

I found out that many other sites are vulnerable to this attack including MySpace. Just searching on the official ExpressJS site you can get a list of big companies and start-ups vulnerable to this attack – http://expressjs.com/resources/applications.html

This is a easy fix – just update your Express Framework and you’re done!

0 likes one response