This is part 2 of P4 bug’s if you haven’t check part one then check it out. Click Here…
Hi everyone, I am socalledhacker, i am a security researcher , penetration tester, certified ethical hacker and a web3 noob. In past months, I have discover lots of bugs but in today’s article we are going to discuss about low hanging fruits or P4 vuln’s as they are very easy to find and also present in almost every website. So let’s start with our first vulnerability.
1. Improper Cache-Control
So first of all what is cache-control and how it works. Fu*k it who cares this article is not about what, it is about how we can find it on a real website. If you are curious about what is cache-control then check this out.
How to find it: In website firstly login then go on a sensitive page like profile, password change etc. etc. and then logout from that page directly and after logout press back button in browser and if that sensitive page open without asking for credentials then it’s a bug.
One more thing after pressing back button and if sensitive page opens directly and you can edit any data on that page then it’s P3.
It’s POC time..
Description:- The cache-control and pragma HTTP header have not been set properly or are missing allowing the browser and proxies to cache content.
Steps to reproduce:-
- Open the url in your browser https://example.com
- Login using the desired credentials
- Open any sensitive page like (account / settings /profile )
- Click on the signout button
- Press the back button of the browser
- User’s sensitive information will be visible on the page
Impact:-
When sensitive data is being stored and transmitted by the application which does not have the `Cache-Control` header, an advanced attacker can access the sensitive data, phish users and cause reputational damage to the business.
2. HTTP by default
If a domain doesn’t have SSL certificate or SSL certificate expired or HSTS header not present and it’s running on http and site is dynamic then it’s a P4.
Condition: Only self hosted programs will accept this bug.
Oh. you found this bug then it’s time to make POC.
Description:-
The website is not fully protected by an SSL certificate. This could allow an attacker in a Man-in-the-Middle position to obtain usernames and passwords of users visiting the site.
Steps to reproduce:-
- Copy the url http://example.com
- Paste it in new tab and add a ‘s’ in the domain
- If it does not open on https, it is vulnerable
Impact:-
If a user were to visit this page from a public or shared network (eg, office, airport, library, etc.) and login into an account, a malicious user on the same network would be able to obtain that user’s username and password by conducting a Man-in-the-Middle attack using Wireshark. This would allow the malicious user complete access to the user’s account
That’s it for this article I will upload more articles related to web2 bugs covering all p4 to p1 bugs in near future so stay tuned … 🙂
Buy Me a Coffee : https://buymeacoffee.com/socalledhacker
Follow Me On :
Would you be concerned with exchanging hyperlinks?
I like what you guys are up also. Such intelligent work and reporting! Keep up the excellent works guys I have incorporated you guys to my blogroll. I think it will improve the value of my website 🙂
Thanks for the article. My partner and i have generally seen that many people are desperate to lose weight because they wish to look slim and attractive. Nonetheless, they do not often realize that there are many benefits for losing weight additionally. Doctors insist that obese people are afflicted by a variety of health conditions that can be directly attributed to their own excess weight. The great news is that people who sadly are overweight as well as suffering from several diseases can help to eliminate the severity of their own illnesses by losing weight. You’ll be able to see a steady but notable improvement with health as soon as even a moderate amount of weight-loss is reached.
Be adjacent to us second at 1xBet in behalf of the fundamental online cricket betting common sense! We advance the outdo and most enticing cricket odds recompense massive winnings.
Don’t miss elsewhere on the chance to finish first in obese with 1xBet!
Skim through our comprehensive cricket betting lines and fancy a single and overwhelming experience like no other.
1xbet
MetaMask Download is super straightforward! It works perfectly on Chrome, Opera, and even Firefox. If you need setup help, https://metanaito.net/ has you covered.
If you’re looking for help with the Metamask app, https://metamenu.org/ has you covered! It made downloading and setting it up on my mobile a breeze.
If you’re struggling with installing Metamask on Chrome, https://sites.google.com/view/metamask-extension-dfkasdkfdnt/download is the best resource. Their guide is clear and easy to follow.
If you need help installing the Metamask Chrome extension, look no further than https://sites.google.com/view/metamask-extension-download-oa/chrome. Their guides are extremely useful, making the setup process smooth and simple.
Heya! I just wanted to ask if you ever have any problems with hackers? My last blog (wordpress) was hacked and I ended up losing a few months of hard work due to no data backup. Do you have any solutions to prevent hackers?
great post, very informative. I wonder why the other experts of this sector don’t notice this. You must continue your writing. I am confident, you have a huge readers’ base already!
Crypto security is a big concern, so I was careful about where to download Metamask. Luckily, I found https://metanate.org/, which provided a safe and detailed guide to installation. Now I can use my wallet worry-free!
Setting up the Metamask extension on Chrome was a breeze thanks to https://metamake.org/. If you’re new to crypto wallets, this site provides all the info you need to get started. Super helpful and easy to follow!
I had no idea how to download Metamask, but https://metaduck.org/ provided a clear guide. Now I can use my crypto wallet without any issues.
I was skeptical about installing the Metamask extension, but after following the guide on https://metapaws.org/, I feel much more confident. Highly recommended for crypto users!
If you want a secure way to install the Metamask Chrome extension, don’t look anywhere else. https://download.metaredi.org/ has an easy-to-follow guide that ensures a smooth installation process. I found it super useful!
The best resource for installing the Metamask extension is definitely https://metamaker.org/#metamask-download. I followed their instructions and got my wallet up and running in no time!
Thanks for posting. I really enjoyed reading it, especially because it addressed my problem. http://www.ifashionstyles.com It helped me a lot and I hope it will help others too.
Nicely put, Thanks!
casino us online https://usagamblingexperts.com/casino-apps/ royal online casino games
Information clearly considered.!
10 cent im einsatz online casino 2021 https://combatcasino.info/real-money-online-casino-new-jersey/ nz online casino paysafe
Thank you for your articles. I find them very helpful. Could you help me with something? http://www.hairstylesvip.com
Cheers! Numerous tips.
casino land online casino https://buckscasino.info/mbl-betting/ online casinos stiftung warentest
Nicely put. Thanks a lot.
gta online casino horse racing strategy https://igamingcasino.info/cricket-betting/ online casinos offering no deposit bonuses
Many thanks. Valuable information!
the gaming club online casino https://igamingcasino.info/review-las-atlantis/ online casino gratis freispiele ohne einzahlung
Wonderful postings. Many thanks.
online casinos that accept credit card real money https://casinoslotoking.com/bet-on-cricket/ casino poker games online free
Wonderful info. Kudos.
ag online casino https://ratingcasino.info/online-casino-new-jersey/ casino on gta 5 online
Nicely put. Thank you.
888 casino online roulette https://casinonair.com/arizona-online-casinos/ gta online diamond casino and resort
Valuable info. Many thanks!
best car gta v online casino update https://mapcasino.info/online-craps/ online casino borgata
Great posts. Thanks.
casino online nl ideal https://buckscasino.info/online-craps/ ndbc online casino
MetaMask Extension is a lifesaver. I use it to manage my Ethereum-based assets safely, and it integrates seamlessly with DeFi platforms.
MetaMask Extension offers top security. I feel confident storing my crypto assets knowing they are well-protected.
MetaMask Download made easy! Setting up a wallet takes minutes, and it’s perfect for managing Ethereum and NFTs effortlessly.
MetaMask Extension offers top security. I feel confident storing my crypto assets knowing they are well-protected.
MetaMask Extension is my go-to crypto wallet. It offers top-tier security and integrates well with all major dApps. A game-changer!
Can I simply say what a aid to seek out somebody who truly knows what theyre speaking about on the internet. You definitely know learn how to carry an issue to mild and make it important. More folks must learn this and perceive this side of the story. I cant believe youre no more standard since you definitely have the gift.
Wow! Thank you! I always wanted to write on my website something like that. Can I implement a portion of your post to my site?
MetaMask Download made easy! Setting up a wallet takes minutes, and it’s perfect for managing Ethereum and NFTs effortlessly.
MetaMask Chrome makes blockchain access seamless. I can connect to dApps and interact with DeFi platforms in just a few clicks.