Hi There,
Renganathan here.
This write-up is about an accidental bug that I found on LinkedIn.
This was early on, when I had just joined LinkedIn and I didn’t know much about how its features worked. I’ve used only Instagram in my life *_*
I was trying to send a connection request to a person and I noticed I can add a personalized note to the request. I added a message of approximately 650 characters.
But LinkedIn allows only 300 characters. So, as a noob, what I did was use inspect element to change the maxlength=300 value. And then I sent the request.
BOOM!
It didn’t work, what else did you expect :/
Then I thought of using Burp Suite to add more content, more than 300 characters, to the POST request. Something like below:
"message":{"values":[{"value":"follow me on Instagram"}]}
And I clicked forward, and the connection request was sent successfully. Then I went to mynetwork/invitation-manager/sent/ to see the sent connection requests.
BOOM!
This worked :)
So, the characters I sent were more than 300 obviously and it was sent successfully.
So, reporting this as a business logic error won’t be good. So I tried sending a very huge request to my test account, with something like a hundred thousand characters.
I opened it from my Android phone and the app crashed.
I was like “IS THIS A DOS VULNERABILITY?”
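An added example, not part of the original write-up and not LinkedIn's code: a server-side check for the note field shown above, since the maxlength attribute only constrains the browser form. The 8 KB body cap, the treatment of several "values" entries as one concatenated note, and all function names are assumptions.

```python
import json

MAX_NOTE_CHARS = 300       # the limit the page says the form's maxlength enforces
MAX_BODY_BYTES = 8 * 1024  # assumed cap on the raw request body


class InvalidNote(ValueError):
    """The invitation note must be rejected."""


def validate_invitation(raw_body: bytes) -> str:
    """Return the note text if acceptable, otherwise raise InvalidNote."""
    # Bound the body before parsing, so a hundred-thousand-character note
    # is never parsed, stored or delivered to a recipient's client.
    if len(raw_body) > MAX_BODY_BYTES:
        raise InvalidNote("body too large")
    try:
        doc = json.loads(raw_body.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError, RecursionError):
        raise InvalidNote("malformed JSON") from None
    if not isinstance(doc, dict):
        raise InvalidNote("unexpected body shape")
    message = doc.get("message")
    if message is None:
        return ""  # assumption: the note is optional
    values = message.get("values") if isinstance(message, dict) else None
    if not isinstance(values, list):
        raise InvalidNote("unexpected message shape")
    parts = []
    for item in values:
        if not isinstance(item, dict) or not isinstance(item.get("value"), str):
            raise InvalidNote("unexpected value type")
        parts.append(item["value"])
    # Assumption: entries are concatenated for display, so the limit applies
    # to their combined length and cannot be dodged by splitting the note.
    note = "".join(parts)
    if len(note) > MAX_NOTE_CHARS:
        raise InvalidNote("note exceeds %d characters" % MAX_NOTE_CHARS)
    return note


def verdict(raw_body: bytes) -> str:
    """Return 'accepted' or the rejection reason, for logging and tests."""
    try:
        validate_invitation(raw_body)
        return "accepted"
    except InvalidNote as exc:
        return str(exc)
```

Clients that render the note benefit from the same bound applied on display, so that previously stored oversized notes do not reach the rendering code.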
Timeline:
Oct 10, 2020 - Reported
Oct 14, 2020 - Triaged
Dec 20, 2020 - Retested
Dec 22, 2020 - Patched & acknowledgment received
Thanks for reading :)
Stay Safe.