A few months back, a big data breach at eBay, the biggest online shopping website, affected 145 million registered users around the world when its database was hacked. Meanwhile, another critical vulnerability was reported on the website, through which a hacker could hijack millions of user accounts very easily.
Yasser H. Ali, a security researcher from Egypt, reported this vulnerability 4 months ago; it could have been used by cyber criminals in targeted attacks. As it had not been addressed by the eBay security team, we kept the technical details of this vulnerability hidden from our readers. But we promised to share the technical details of this interesting flaw once the eBay team patched it. So, here we go!
This critical vulnerability could allow a hacker to reset the password of any eBay user account without any user interaction or dependency. The only thing required is the login email ID or username of the victim.
When a user forgets the password and clicks on the forgot password link, the user is first redirected to a password reset page, where eBay generates a random code value as the HTML form parameter “reqinput”, which is visible to the hacker as well using the browser’s inspect element tool.
When the user provides his/her email ID and clicks the submit button, eBay generates another random code, which is unknown to anybody except the user, and sends the code along with a password reset link to the user's registered email address.
Once the user clicks on the password reset link, the user is redirected to an eBay page with a new password option, where the user only needs to enter a new password 2 times and submit it in order to reset the eBay account password.
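A server-side sketch of the reset flow described above, added here as an illustration and not eBay's code: the password change is accepted only for the unexpired, single-use code delivered by e-mail, and the form-visible `reqinput` value on its own authorises nothing. The class and method names, the account address and the 15-minute lifetime are assumptions.

```python
import hashlib
import hmac
import secrets
import time

RESET_TTL = 900  # assumed lifetime of an emailed reset code, in seconds


class ResetStore:
    """In-memory stand-in for a server-side reset table (hypothetical)."""

    def __init__(self):
        self._pending = {}   # account -> (SHA-256 of emailed code, expiry)
        self.passwords = {}  # account -> password (hashing omitted for brevity)

    def start_reset(self, account, now=None):
        """Reset page + submit: issue the form value and the emailed code."""
        now = time.time() if now is None else now
        reqinput = secrets.token_hex(16)          # rendered in the HTML form
        emailed_code = secrets.token_urlsafe(32)  # delivered only by e-mail
        digest = hashlib.sha256(emailed_code.encode()).digest()
        self._pending[account] = (digest, now + RESET_TTL)
        return reqinput, emailed_code

    def finish_reset(self, account, presented_code, new_password, now=None):
        """New-password page: accept only the unexpired emailed code."""
        now = time.time() if now is None else now
        entry = self._pending.get(account)
        if entry is None:
            return False
        digest, expiry = entry
        if now > expiry:
            del self._pending[account]
            return False
        presented = hashlib.sha256(presented_code.encode()).digest()
        if not hmac.compare_digest(digest, presented):
            return False
        del self._pending[account]  # single use: a replayed link fails
        self.passwords[account] = new_password
        return True


if __name__ == "__main__":
    store = ResetStore()
    form_value, code = store.start_reset("user@example.test")  # constructed account
    print(store.finish_reset("user@example.test", form_value, "pw-a"))  # form value alone
    print(store.finish_reset("user@example.test", code, "pw-b"))        # emailed code
```

Only a hash of the emailed code is stored, so a leaked reset table does not hand out usable reset links.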
A clever hacker could have launched an automated mass password reset request attack against all those email accounts which were leaked in the previously reported massive eBay data breach.
eBay has already patched the vulnerability after Yasser responsibly disclosed the flaw to the eBay security team. But this 4-month delay in delivering the patch could have compromised millions of eBay users’ accounts, even if you had changed your password after the data breach.
Source: THN