On third March 2017, I visited Jet.Com and by investing a modest measure of energy I discovered a famous vulnerability in their site. It was considered as a Cookie Replay issue that leads to lifetime access of the victim's account. In case you're a security analyst or a bug researcher I generally exhort you to invest as much time in chasing as much you can, and that I learnt from one of my Indian friends.
Steps to Replication:
- Goto Jet's Account
- Login to Your Account
- Get the Cookies using " Burp Suite" or "EditThisCookie" or (AnyBrowser's Extension) Copy All These Cookies.
- Logout from the Account
- Clear All the Cookies of your Browser related with Jet's Account
- Save the Cookies you Copied in a Text File
- Now Inject/Import Old Cookies to the Jet's Account by "EditThisCookie" (Google Extension)
- As you can see, You will be again logged In to Jet's Account Account using old Session Cookies.
After identifying that report they changed the to triaged and I’m glad to get another bounty, but then they revoked and I was like :|
Following two days the report status changed to duplicate and resolved.
They recognized me by including my name in their Security researcher Hall of fame.
I'll test that site again as I got some time and I'll do my best to locate another interesting vulnerability. I thank Jet for acknowledgement and my thanks to you too for your profitable time.
Top comments (0)