CSRF Vulnerability in 160By2 and Way2Sms allows hacker to send sms from victim account

Cross Site Request Forgery (CSRF) vulnerabilities in two popular online SMS-sending services, 160By2.com and Way2SMS.com, allow an attacker to forge requests on behalf of a logged-in victim; in the case of 160By2, to send SMS from the victim's account.

I have discovered Cross Site Request Forgery (CSRF) vulnerabilities in the popular online SMS-sending service websites 160By2.com and Way2SMS.com. Let me start with the flaw in 160By2, because it is the critical one.

CSRF in 160By2:
The vulnerability allows an attacker to send SMS from the target victim's account to any mobile number. I discovered this flaw while sending New Year wishes to my friends.

The vulnerability resides in the "SMS alerts" page, which lets a user schedule an SMS to be sent later. Unfortunately, the request that schedules the SMS carries no CSRF token, so the server has no way to tell whether the request was initiated by the user or by a third-party page that the user's browser was tricked into loading.

So it is easy for an attacker to lure the victim into clicking a crafted link (or visiting a page that auto-submits a hidden form) that sends the malicious request to the server, with the victim's session cookie attached automatically by the browser.
[Image: CSRF Vulnerability in 160BY2]
An attacker can set the fields of that request so that it sends an SMS to anyone, at any time.

Solution:
Include in the schedule-SMS request the same per-session "action" value that the main SMS-sending page already uses, and verify it on the server before accepting the request. Provided that value is an unpredictable, per-session token, a page on another origin cannot read it, so a forged request will fail the check.


CSRF in Way2SMS:
This vulnerability is less severe: it only allows an attacker to change the victim's display name with a crafted request.



Solution:
Same as above: include the "action" value used on the main SMS-sending page in this request as well, and verify it server-side before applying the change.
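The following is an added example, not code from the original post or from either site: a constructed, hypothetical model of the flaw described for 160By2 (and, with the same fix, the Way2SMS name-change request) showing the attacker's auto-submitting page, a handler that checks only the session cookie, and the hardened handler that also verifies the per-session "action" token. The endpoint name, field names and session layout are assumptions for illustration.

```python
import hmac
import secrets
from dataclasses import dataclass, field

# Constructed model, not 160By2's or Way2SMS's real code: one logged-in
# session, one schedule-SMS endpoint, and a list standing in for the SMS queue.


@dataclass
class Session:
    user: str
    # Per-session anti-CSRF token; the main SMS page would embed this as the
    # "action" value the post refers to (assumed name and representation).
    csrf_token: str = field(default_factory=lambda: secrets.token_hex(16))


SENT = []  # (user, mobile, text, time) tuples the fake server has "scheduled"


def schedule_sms_vulnerable(session, form):
    """Endpoint as the post describes it: the session cookie is all it checks."""
    if session is None:
        return 401, "login required"
    SENT.append((session.user, form["mobile"], form["text"], form["time"]))
    return 200, "scheduled"


def schedule_sms_fixed(session, form):
    """Same endpoint with the fix the post proposes: the request must echo the
    session's token in the "action" field, compared in constant time."""
    if session is None:
        return 401, "login required"
    submitted = form.get("action", "")
    if not hmac.compare_digest(submitted.encode(), session.csrf_token.encode()):
        return 403, "missing or invalid CSRF token"
    SENT.append((session.user, form["mobile"], form["text"], form["time"]))
    return 200, "scheduled"


def attacker_page(target_url, mobile, text, time):
    """HTML the attacker hosts. When the victim loads it, the browser submits
    the hidden form to the target with the victim's cookie attached. Note the
    form carries no "action" field: the attacker cannot read the token."""
    return f"""<html><body onload="document.forms[0].submit()">
<form method="POST" action="{target_url}">
<input type="hidden" name="mobile" value="{mobile}">
<input type="hidden" name="text" value="{text}">
<input type="hidden" name="time" value="{time}">
</form></body></html>"""


def forged_form(mobile, text, time):
    """What the server receives after attacker_page() auto-submits: exactly
    the hidden fields and nothing the attacker could not have known."""
    return {"mobile": mobile, "text": text, "time": time}


def demo():
    """Returns the status codes for (vulnerable, fixed, fixed-with-real-token)."""
    victim = Session(user="alice")
    forged = forged_form("9999999999", "You have won!", "2013-01-01 09:00")
    vuln_status, _ = schedule_sms_vulnerable(victim, forged)   # 200: SMS sent
    fixed_status, _ = schedule_sms_fixed(victim, forged)       # 403: rejected
    legit = dict(forged, action=victim.csrf_token)             # real form submit
    ok_status, _ = schedule_sms_fixed(victim, legit)           # 200: accepted
    return vuln_status, fixed_status, ok_status


if __name__ == "__main__":
    print(attacker_page("https://example.invalid/sms-alerts", "9999999999",
                        "You have won!", "2013-01-01 09:00"))
    print(demo())
```

Two practical caveats beyond the post's fix: the token must be bound to the session and regenerated at login, not a constant shared across users, or it stops being a secret; and setting the session cookie with the `SameSite` attribute is a worthwhile defence in depth, but not a replacement for server-side token verification.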

I tried to notify both websites about the issue, along with a solution to fix the vulnerability, but there was no response from their side. So I decided to publish the details.

Note: Previously, I discovered a persistent XSS vulnerability and notified 160By2. They failed to respond that time as well.
Labels: BreakTheSec, CSRF vulnerability, Featured, Vulnerability