ebay Data Leakage and Manipulation (credit of RayAegis)

資安議題研究區

ebay Data Leakage and Manipulation (credit of RayAegis)

Postby B2W » Sat Jun 06, 2015 12:35 am

Some sensitive data is not encrypted by SSL or TLS, leading to data leakage and manipulation. These are the steps to reproduce the issue.

1. Log in ebay
2. Check the inbox. All the messages are not encrypted. The eBay website doesn't apply SSL or TLS by default.
3. Check Account. UserID, Secret question, Registered name and address shown are transmitted without encryption.
4. All search keywords are not encrypted.
5. When you commit to buy something, the http-post message is also sent by http. MITM attackers may manipulate quantity, stock, and other parameters in the middle. This may lead to serious transaction issues.
6. The message of Contact eBay Customer Service is posted in clear text.
7. Users' session ID and personal information can be eavesdropped in this way.
8. There is much other sensitive information delivered in clear text.


Three samples from ebay without encryption:
(1) HTTP-GET http://my.ebay.com/ws/eBayISAPI.dll-Mye ... RK:ME:LNLK.
(2)HTTP-POST
http://offer.ebay.com/ws/eBayISAPI.dll
(3) HTTP-POST
http://ocs.ebay.com/ws/eBayISAPI.dll
->The message body is in clear text.
B2W
 
Posts: 22
Joined: Fri May 02, 2014 1:53 am

Return to 研究專區(Research Area)

cron