
Showing posts from July, 2018

marina.difesa.it | password recovery bug. Joe accounts. XSS

Malicious URLs can be generated to redirect users after login (phishing):
https://supportopersonale.marina.difesa.it/login/?redirect_to=https://[phishing_site_obfuscated]

Usernames can be detected by bruteforcing the password reset. There's no limit.
https://supportopersonale.marina.difesa.it/password-reset/
Example of working usernames: aldo, giovanni, giacomo

Passwords can be changed with a specific bug: adding a second email address as recipient in the string. Various users have the password equal to the username.

In the user area it's possible to do stored XSS (tested) and possibly take over other accounts (not tested).

- The email addresses can be used via https://mail.marina.difesa.it and in various cases the passwords are the same as those used in supportopersonale.marina.difesa.it

Another website where it is possible to bruteforce users (not as the previous one):
https://vrmtc.marina.difesa.it/Portal/mail_password
admin

real-time tracker & vehicle alarm - RF-V7 - Manual

The website is https://gps123.org/; the old website http://trackanywhere.com/ doesn't work.