40

Something I probably shouldn't talk about:

One of the projects at work has a specific path you can visit. The """security""" is that nobody should know the path. But I can guaran-fucking-tee you it's not difficult to guess.

On this page, ***without a login***, you can view some user information. Well, you can view all of it, but only certain fields.

And if you perform a specific action on this page, you can get their password, plaintext.

This project is not mine. But learning all of this made me super uneasy. I had to share it.

Comments
  • 18
    When will they learn "security through obfuscation" never works?
  • 22
    Accidentally leak it to an auditing company.
    Mishandling user data is never acceptable.
  • 11
    @Root I tried to find something like a sitemap or a way to realistically find that path because they won't change a damn thing otherwise... But no luck.

    My fear is that if I bring it up to the director they'll just make it a less obvious path.

    I really hate that we encrypt passwords here instead of hashing them. It's filthy that we can see them if we want.
  • 4
    @AlgoRythm that's disgusting :-(
  • 5
    @AlgoRythm my first reaction was if you can get the password something is wrong. Although password reuse should be abolished. Your company plays a big part in why.
  • 1
    Which site is that?
  • 3
    @electrineer

    He isn't supposed to talk about it.
  • 2
    @AlgoRythm I don't think you need any special way of discovering the page. Brute-force guessing exists and will discover it. But if it helps, you can check the robots.txt, if it exists.
  • 3
    My plan is to get a career in cybersec; I'm genuinely afraid that I'm gonna either start to cry or burst out laughing if something like that ever happens.
  • 0
    lnk plz ;)
  • 2
    @Ranchu to quote @Frodoswaggins:
    Fires burn in the distance, and Charlie is everywhere.
  • 0
    @AlgoRythm did you give DirBuster a shot with the most common word lists?
  • 1
    @IwiS I'm not gonna be running any scripts or anything against my work
  • 2
    Even if it's hard to guess, it still has issues:
    a) listen to the connection request if it's a public network

    b) any employee let go has permanent access to it if he has the info

    c) if that's the FE/BE security, the server security won't be any better, which means a DB leak is likely, and with encrypted passes, it will leak *everything* once someone finds the key; no amount of strong passwords will help any of the users

    This is unacceptable by any standard
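The difference between "encrypted" and hashed passwords that the last two commenters are getting at, as an added example that is not part of the thread and not code from the project being described. The reversible scheme is a constructed stand-in (an HMAC-derived keystream XORed with the plaintext) used only to show what a copy of the table plus the key gives away; the one-way side uses scrypt from Python's standard library. The `leaked_table` records and the key are constructed sample data.

```python
import hashlib
import hmac
import os
import secrets

# --- Reversible storage (the pattern the thread complains about) ---
# Constructed stand-in for "encrypting" passwords: any scheme that can be
# undone with a key hands every password to whoever holds that key. This
# is illustrative only, not a cipher to use.

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def reversible_store(password: str, key: bytes) -> dict:
    pw = password.encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pw, _keystream(key, nonce, len(pw))))
    return {"scheme": "reversible", "nonce": nonce, "ciphertext": ct}


def reversible_recover(record: dict, key: bytes) -> str:
    # Anyone with the table and the key gets the plaintext back.
    ct = record["ciphertext"]
    pw = bytes(a ^ b for a, b in zip(ct, _keystream(key, record["nonce"], len(ct))))
    return pw.decode()


# --- One-way storage (what the commenters want instead) ---
# scrypt parameters: 16 MiB memory cost per guess, per-record random salt.
SCRYPT_N, SCRYPT_R, SCRYPT_P, DKLEN = 2 ** 14, 8, 1, 32


def hash_password(password: str) -> dict:
    salt = secrets.token_bytes(16)
    dk = hashlib.scrypt(password.encode(), salt=salt,
                        n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=DKLEN)
    return {"scheme": "scrypt", "salt": salt,
            "n": SCRYPT_N, "r": SCRYPT_R, "p": SCRYPT_P, "hash": dk}


def verify_password(record: dict, candidate: str) -> bool:
    dk = hashlib.scrypt(candidate.encode(), salt=record["salt"],
                        n=record["n"], r=record["r"], p=record["p"],
                        dklen=len(record["hash"]))
    # Constant-time comparison so verification timing leaks nothing.
    return hmac.compare_digest(dk, record["hash"])


def leak_impact(table: dict, key: bytes) -> dict:
    """Model a leaked user table plus the server's key: what is recoverable per user?

    Returns the plaintext for reversible records and None for hashed ones,
    since a hashed record contains no recoverable password."""
    result = {}
    for user, record in table.items():
        if record["scheme"] == "reversible":
            result[user] = reversible_recover(record, key)
        else:
            result[user] = None
    return result


if __name__ == "__main__":
    key = b"\x01" * 32  # constructed sample key
    leaked_table = {  # constructed sample data
        "alice": reversible_store("correct horse battery staple", key),
        "bob": hash_password("correct horse battery staple"),
    }
    print(leak_impact(leaked_table, key))
    print(verify_password(leaked_table["bob"], "correct horse battery staple"))
```

The hashed record still lets the login handler answer "is this the right password?" but gives a thief nothing to read, so a leak of the table does not turn into a leak of every user's password on every other site where they reused it.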