Client ==> Firewall Access
Recently I ordered two juicer machines from Daraz. I got delivery within 12 days, when I opened my package there were two juicer machines, the juicer jugs of both were cracked and one was broken totally. I searched on YouTube about Daraz there is a list of unhappy customers complaining about their experience with Daraz, later sometime I visited Daraz and wrote a complaint feedback about my experience and within 2 days I got a call from customer care telling me about their 7 days refund policy which they didn’t mention clearly on their web app. Well, I was browsing YouTube and saw an e-commerce platform goto.com.pk Ad, mistakenly I typed goto.pk instead of goto.com.pk and I saw a URL shortener service, hmmm I thought something evil, I fired up my Terminal, switched to beef, configured my no-IP, forward my port and shorten my hooked URL with goto.pk, and I got something like “http://goto.pk/5wcdw”. So, Continue to Daraz I saw a live chat agent, well I thought it an awesome opportunity to test, I start a live chat session with one of their agents and asked him about some products if they are available on Daraz, the agent told me to send the link to that product, finally he clicked on that link and I got his browser there was nothing interesting but one thing which was not good for them as I got access to their network firewall ( pfsense => firewall/router ) . The methodology was, I scanned that public IP and noticed that port 80 is open which was pointing me to the pfsense admin interface as a n00b I tried admin/admin, admin/password and all common usernames and passwords, nothing happened but then google helped me with the default credentials for pfsense admin/pfsense and believe me I got access to their firewall.


