| Filename | Hacking PayPal Account with Just a Click |
| Permission | rw-r--r-- |
| Author | Unknown |
| Date and Time | 12/03/2014 |
| Label | Cyber News |
| Action |
Ethical Hacking Institute in Pune
./Arizona Team
The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click, affecting more than 156 millions PayPal users.
An Egyptian security researcher, Yasser H. Ali has discovered three critical vulnerabilities in PayPal website including CSRF, Auth token bypass and
Resetting the security question, which could be used by cybercriminals in the targeted attacks.
Cross-Site Request Forgery (CSRF or XSRF) is a method of attacking a website in which an attacker need to convince the victim to click on a specially
crafted HTML exploit page that will make a request to the vulnerable website on their behalf.
Mr.Yasser demonstrated the vulnerability step-by-step in the Proof-of-Concept (PoC) video using a single exploit that combines all the three
vulnerabilities. According to the demo, using Paypal CSRF exploit an attacker is able to secretly associate a new secondary email ID (attacker's email) to
the victim's account, and also reset the answers of the security questions from target account.
PayPal uses security Auth tokens for detecting the legitimate requests from the account holder, but Mr. Yasser successfully bypassed it to generate exploit
code for targeted attacks, as shown in the video.
Yasser told , "I found out that the CSRF Auth is Reusable for that specific user email address or username, this means If an attacker found any of these CSRF Tokens, He can then make actions in the behave of any logged in user."
Once executed, the exploit will add attacker's email id to victim's account, which could be used to reset the account password using "Forgot Password" option from the Paypal website. But the attacker can not change the victim's password without answering the security questions configured by user while signing up.
Yasser found that another bug in PayPal allows him to reset the security questions and their answers of his choice, hence this facilitates him to bypass the PayPal security feature completely in order to reset the new password for the victim's account.
Paypal security team has patched the vulnerability following the Yasser's report via Bug Bounty Program. Three Month ago, Yasser found similar bug in eBay website that allowed hackers to hijack any eBay account in just 1 minute.
www.arizonainfotech.com
CEHv8 CHFIv8 ECSAv8 ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune
./Arizona Team
The eBay owned popular digital payment and money transfer service, PayPal has been found to be vulnerable to a critical web application vulnerability that could allow an attacker to take control over users' PayPal account with just a click, affecting more than 156 millions PayPal users.
An Egyptian security researcher, Yasser H. Ali has discovered three critical vulnerabilities in PayPal website including CSRF, Auth token bypass and
Resetting the security question, which could be used by cybercriminals in the targeted attacks.
Cross-Site Request Forgery (CSRF or XSRF) is a method of attacking a website in which an attacker need to convince the victim to click on a specially
crafted HTML exploit page that will make a request to the vulnerable website on their behalf.
Mr.Yasser demonstrated the vulnerability step-by-step in the Proof-of-Concept (PoC) video using a single exploit that combines all the three
vulnerabilities. According to the demo, using Paypal CSRF exploit an attacker is able to secretly associate a new secondary email ID (attacker's email) to
the victim's account, and also reset the answers of the security questions from target account.
PayPal uses security Auth tokens for detecting the legitimate requests from the account holder, but Mr. Yasser successfully bypassed it to generate exploit
code for targeted attacks, as shown in the video.
Yasser told , "I found out that the CSRF Auth is Reusable for that specific user email address or username, this means If an attacker found any of these CSRF Tokens, He can then make actions in the behave of any logged in user."
Once executed, the exploit will add attacker's email id to victim's account, which could be used to reset the account password using "Forgot Password" option from the Paypal website. But the attacker can not change the victim's password without answering the security questions configured by user while signing up.
Yasser found that another bug in PayPal allows him to reset the security questions and their answers of his choice, hence this facilitates him to bypass the PayPal security feature completely in order to reset the new password for the victim's account.
Paypal security team has patched the vulnerability following the Yasser's report via Bug Bounty Program. Three Month ago, Yasser found similar bug in eBay website that allowed hackers to hijack any eBay account in just 1 minute.
www.arizonainfotech.com
CEHv8 CHFIv8 ECSAv8 ENSA CCNA CCNA SECURITY MCITP RHCE CHECKPOINT ASA FIREWALL VMWARE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune