Skip to main content

marina.difesa.it | password recovery bug. Joe accounts. XSS



Malicious urls can be generated to redirectusers after login (phishing)
https://supportopersonale.marina.difesa.it/login/?redirect_to=https://[phishing_site_obfuscated]



Usernames can be detected by bruteforcing the password reset. There's no limit.
https://supportopersonale.marina.difesa.it/password-reset/

example of working usernames:
aldo
giovanni
giacomo

Passwords can be changed with a specific bug adding in the string a second email as recipient.

Various users have the password equal to the username. 

In the user area it's possible to do stored XSS (tested) and possibly take over other accounts (not tested).

-
The email addresses can be used via https://mail.marina.difesa.it and in various cases passwords are the same as those used in supportopersonale.marina.difesa.it
______________

______________
Another website where is possible to to bruteforce users (not as the previous one)
https://vrmtc.marina.difesa.it/Portal/mail_password

admin



Comments

Post a Comment

Popular posts from this blog

Moodle 3.8.1+ - path leak via errors in several files

Moodle 3.8.1+ ----------------------------------------------- File: admin/mailout-debugger.php #!/usr/bin/php Notice : Disabled. in \admin\mailout-debugger.php on line 73 File: admin/settings/appearance.php Notice : Undefined variable: hassiteconfig in \admin\settings\appearance.php on line 10 Fatal error : Uncaught Error: Call to undefined function has_any_capability() in \admin\settings\appearance.php:10 Stack trace: #0 {main} thrown in \admin\settings\appearance.php on line 10 File: admin/settings/badges.php Notice : Undefined variable: hassiteconfig in \admin\settings\badges.php on line 30 Fatal error : Uncaught Error: Call to undefined function has_any_capability() in \admin\settings\badges.php:30 Stack trace: #0 {main} thrown in \admin\settings\badges.php on line 30 File: admin/settings/courses.php Notice : Undefined variable: hassiteconfig in \admin\settings\courses.php on line 32 Fatal error : Uncaught Error: Call to undefined function
Post a Comment
Read more

2022 - Remove (the too many) Ads from Memu launcher

Simple method Download from pureapk "MEmu Launcher2" ex: MEmu Launcher2_v6.0.9_apkpure.com Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar) Longer method Install "Export Apk" Export the memu launcher2  Install purify https://github.com/echo-devim/purify/raw/master/Purify.apk use purify with the exported memu launcher 2 Install "System app remover" (root) remove from system apps the "memu launcher 2" import the "purified" MEmu Launcher2 apk with the Memu utility ("apk" on the right toolbar)      
Post a Comment
Read more