Internshala Bug in Internshala Student Partner
Hi, I am back again.
This is a quick writeup while my video is being uploaded to YouTube.
I found that there is no proper rate limiting on the ISP (Internshala Student Partner) login at https://trainings.internshala.com/isp/login.
An attacker can run an automated brute-force tool such as Burp Suite Intruder against it to guess passwords. The ISP login page is easy to find, because a student partner exposes it whenever they share their referral link. The correct password stands out by response length: in the Intruder results, the successful login is the request with the shortest response. (The passwords consist of lowercase letters and digits.)
The best fix would be to at least introduce a CAPTCHA, and also to throttle any IP address or account that has multiple failed logins.
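To make the fix concrete, here is an added example of the throttling described above (hypothetical code written for this writeup, not Internshala's implementation). It locks out an IP address or an account after a burst of failed logins, and returns the same body for "unknown user" and "wrong password" so that response length no longer leaks which guess was right. The credential store, the lockout numbers and the clock argument are assumptions made so the example runs offline.

```python
"""Failed-login throttling keyed on both client IP and account name,
with a constant-shape failure response.

Added example for this writeup; hypothetical, not Internshala's code.
The clock is passed in as `now` (seconds) so the logic can be exercised
offline without sleeping.
"""
import secrets
from collections import defaultdict, deque

# Constructed sample credential store. A real system stores password
# hashes, not plaintext; kept flat here to keep the example short.
USERS = {"partner1": "secret42"}

# One identical failure body for every failed guess: an Intruder run
# sorted by response length then shows nothing but the lockout.
FAIL_BODY = {"ok": False, "msg": "Invalid username or password"}
LOCK_BODY = {"ok": False, "msg": "Too many attempts, try again later"}


class LoginThrottle:
    """Sliding-window failure counter.

    A key (an IP or an account) that accumulates `max_failures` failures
    within `window` seconds is locked for `lockout` seconds.
    """

    def __init__(self, max_failures=5, window=300, lockout=900):
        self.max_failures = max_failures
        self.window = window
        self.lockout = lockout
        self._failures = defaultdict(deque)  # key -> failure timestamps
        self._locked_until = {}              # key -> unlock time

    def _prune(self, key, now):
        q = self._failures[key]
        while q and now - q[0] > self.window:
            q.popleft()

    def is_locked(self, key, now):
        until = self._locked_until.get(key)
        if until is None:
            return False
        if now >= until:  # lockout expired: reset and allow again
            del self._locked_until[key]
            self._failures[key].clear()
            return False
        return True

    def record_failure(self, key, now):
        self._prune(key, now)
        self._failures[key].append(now)
        if len(self._failures[key]) >= self.max_failures:
            self._locked_until[key] = now + self.lockout

    def record_success(self, key):
        self._failures.pop(key, None)


def login(throttle, ip, username, password, now):
    """Return (status, body) for one login attempt at time `now`."""
    keys = ("ip:" + ip, "user:" + username.lower())
    if any(throttle.is_locked(k, now) for k in keys):
        return 429, dict(LOCK_BODY)
    stored = USERS.get(username.lower(), "")
    # compare_digest avoids an early-exit timing difference on near-misses
    if stored and secrets.compare_digest(stored.encode(), password.encode()):
        for k in keys:
            throttle.record_success(k)
        return 200, {"ok": True, "msg": "Login successful"}
    for k in keys:
        throttle.record_failure(k, now)
    return 401, dict(FAIL_BODY)


def simulate_bruteforce(throttle, ip, username, guesses, start):
    """Replay a wordlist one guess per second, the way Intruder would,
    and return the status code of each attempt."""
    return [login(throttle, ip, username, g, start + i)[0]
            for i, g in enumerate(guesses)]


if __name__ == "__main__":
    t = LoginThrottle()
    wordlist = ["aaaa", "bbbb", "cccc", "dddd", "eeee", "secret42"]
    print(simulate_bruteforce(t, "203.0.113.10", "partner1", wordlist, 0.0))
    print(login(t, "203.0.113.10", "partner1", "secret42", 905.0))
```

With the default settings the sixth guess is rejected with 429 even though it is the right password, and the correct login only succeeds once the 900-second lockout has expired. A CAPTCHA would sit in front of the same counter, challenging a client after its first few failures instead of waiting for the hard lockout.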
Unfortunately, they said they were already aware of the issue and closed my report.
PS - I found Internshala's responsible disclosure process a pain in the ass to work with, and they reply only after long delays. I also reported other bugs, such as an old WordPress version running on their blog. Unfortunately that report got rejected, but they silently fixed the endpoint through which I had reached it.
For example, https://example/wp-admin was reachable when I started my pentest. After my report, in which I said it was exposed, and a follow-up chained bug, both got closed, but the URL was removed. So sad :(
I hope for better luck with them in the future.
I will be writing up my Google and MS HOF sometime soon! BYE!
UPDATE - They are now willing to give a T-shirt and treat this as an exceptional case, for another one of my reports.