- Status: Closed
- Assigned To: cbay
- Private
- Opened by waloodi_109 - 10.01.2025
- Last edited by cbay - 10.01.2025
FS#123 - Direct accessing Api on another Browser
Hello Team, I hope you are doing well. While researching your domain I found direct access to the API in another browser; the steps are given below:
Steps to Reproduce:
1. Go to https://admin.alwaysdata.com/ and log in to your account.
2. Go to the Profile section and create your token.
3. Then go to https://api.alwaysdata.com/v1/account/ and sign in to your account.
4. Copy your logged-in account URL and paste it into another browser; you can see that you can directly access the account without signing in.
Impact:
This creates another session in another browser for accessing the account. If an attacker gains the victim's session or access to their laptop, he/she can directly access the victim's API account at https://api.alwaysdata.com/v1/account/.
Note:
I deleted all the cookies from the browser; after that I visited https://api.alwaysdata.com/v1/doc and could directly access the account without signing in again.
Thank You,
Waleed Anwar
Add a logout option so the user can log out if they prefer.
I want to add something: I mistakenly wrote something wrong in the report. I can copy the URL from Burp Suite and paste it into the URL bar, and then I am directly accessing api.alwaysdata.com/account.
Hello,
There is no session/cookie on https://api.alwaysdata.com/, only HTTP authentication, so I assume what you see is your browser caching the authentication.
Kind regards,
Cyril
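Cyril's point above (HTTP authentication only, no session and no cookie on the API host) as an added illustration that is not part of this ticket and is not alwaysdata's code: a minimal WSGI endpoint that authenticates every request solely from its own Authorization header. The credential store, realm, hostname and path are constructed for the example and are assumptions, not values from the real API.

```python
import base64
import hmac

# Constructed demo credential store (assumption for this example, not alwaysdata's).
USERS = {"alice": "correct horse battery staple"}
REALM = "api"


def check_basic_auth(header):
    """Return the username if `header` is a valid 'Basic <base64(user:pass)>' value, else None."""
    if not header or not header.startswith("Basic "):
        return None
    try:
        decoded = base64.b64decode(header[len("Basic "):].strip(), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    if not sep:
        return None
    # Compare against a dummy secret for unknown users so timing does not reveal valid usernames.
    expected = USERS.get(user, "\0" * 32)
    if not hmac.compare_digest(password.encode("utf-8"), expected.encode("utf-8")):
        return None
    return user if user in USERS else None


def app(environ, start_response):
    """Minimal WSGI app that authenticates each request from its own Authorization header.

    Nothing is stored between requests and no Set-Cookie header is ever emitted, so there
    is no session for a cookie wipe to end: a request without credentials is always a 401.
    """
    user = check_basic_auth(environ.get("HTTP_AUTHORIZATION"))
    if user is None:
        start_response("401 Unauthorized", [
            ("WWW-Authenticate", 'Basic realm="%s"' % REALM),
            ("Content-Type", "text/plain; charset=utf-8"),
        ])
        return [b"authentication required\n"]
    start_response("200 OK", [("Content-Type", "text/plain; charset=utf-8")])
    return [("account: %s\n" % user).encode("utf-8")]


def basic_header(user, password):
    """Build the Authorization header value a browser sends after the login prompt."""
    return "Basic " + base64.b64encode(("%s:%s" % (user, password)).encode("utf-8")).decode("ascii")


def request(authorization=None, cookie=None):
    """Drive `app` in-process (no network) and return (status, headers, body)."""
    captured = {}

    def start_response(status, headers):
        captured["status"] = status
        captured["headers"] = headers

    # Constructed environ for a GET on a hypothetical account endpoint.
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/v1/account/", "SERVER_NAME": "example.invalid"}
    if authorization is not None:
        environ["HTTP_AUTHORIZATION"] = authorization
    if cookie is not None:
        environ["HTTP_COOKIE"] = cookie
    body = b"".join(app(environ, start_response))
    return captured["status"], captured["headers"], body


def sets_cookie(headers):
    """True if the response tries to establish a cookie-based session."""
    return any(name.lower() == "set-cookie" for name, _ in headers)


if __name__ == "__main__":
    good = basic_header("alice", "correct horse battery staple")
    print(request()[0])                      # no credentials: 401
    print(request(good)[0])                  # valid credentials: 200
    print(request()[0])                      # nothing was remembered server-side: 401 again
    print(request(cookie="sessionid=x")[0])  # cookies play no part: 401
    print(sets_cookie(request(good)[1]))     # the server never sets a cookie
```

Because the server never sends Set-Cookie, deleting cookies changes nothing; what keeps later visits authenticated is the browser's own cache of the credentials for that origin and realm, which it resends on every request until the browser session ends. The check a practitioner would run against a real endpoint of this kind is an unauthenticated request (for example `curl -si` on the URL) looking for a 401 with a WWW-Authenticate header and no Set-Cookie in the response.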