HTML Injection(Unique Exploitation)

pratik yadav
Jan 7 · 3 min read

Hey Guys! I know HTML injection is not something you wanted to read but however its an unique issue which i have found.

About the Application

This web application has different authentication process. You will have to enter your username and it will send you an magic link to your email which will have an login link.

Here is how the link looks

So something to note here is the IP ? I don’t know how it got into my head to Spoof this ip although i know this not an issue .

Steps to Reproduce

  1. When we login the following POST Request is made

2. So I have read some blogs where I have seen few guys bypassing rate limit using spoofing X-Forwarded-For: so i thought lets try

So I added X-Forwarded-For: google.com and in the mail I got my Ip as google.com so next i wanted to try HTML injection

I made the following request

So as you can see i have added a X-Forwarded-For: <h1>Pratik Attacker</h1> so i was expecting Pratik Attacker in h1 at my email .

So as expected . You can see in the screenshot my IP address is displayed as Pratik Attacker as H1 which clearly prooves that the site was vulnerable to html injection

So what next

I added X-Forwarded-For :- <a href=”attacker.com”><h1><font color=”red”>Please click here to login to your account<h1></font></a> in the post request and as expected

Disclosure

I quickly created a report and I reported this to the CEO on Telegram so instantly he messaged me that he has individually fixed the bug in just 2 Minutes and rewarded me 250$ for this vulnerability.

As you can see he just fixed this issue in 2 Minutes >I really appreciate his dedication for his product.

Thanks
Best Regards

Pratik Yadav

https://twitter.com/@PratikY9967

pratik yadav

Written by

Student :) also a Full time Security engineer at cryptoexchange:)

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade