Steal some JSON responses by JSONP injection!!

Mohamed Sayed
Sep 6, 2018 · 2 min read

Some websites depend on JSON to send requests and receive responses. Such a response can include information about the logged-in user and should not be public to anyone. In this topic we will see how this data can be stolen.

What is JSON?

JSON is not a programming language; it is a lightweight data-interchange format that we can use for communication between different apps (Android, iOS, web, ...).

Exploitation

Now, some JSON responses look like this:

[image: the JSON response]

In this case, if the response looks like that, you are lucky: we can dump this data by writing a small piece of JavaScript. We include this file in my page as a JS file in a script tag and create a function to dump the data; the function name should be userInfo (the callback name the response invokes). This is the exploitation; you can see the code in the next image:

[image: the code]

and the response in my page here:

[image: attacker page showing the dumped response]

This is the basic and useful way. There are more ways, but I don't want to make this topic boring and long, so I will talk about one last way to dump the data. If the file doesn't have a function name to exploit, there is another way: add the callback parameter to the JSON file's URL. You can try adding the parameter like this:

Now it looks like the case above; follow the same steps and you will steal the data.
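As an added, defender-side example that is not part of the original post: a framework-free pair of handlers showing why the JSONP response above leaks through a cross-origin script tag, and a hardened version that refuses a callback parameter, serves plain JSON with nosniff, and requires a custom header that a script tag cannot send. The request objects, header names and user record are constructed stand-ins, not code from the post.

```javascript
// Constructed sample data standing in for the logged-in user's record.
const SESSION_USER = { id: 42, email: "user@example.test" };

// Vulnerable pattern from the post: the endpoint honours ?callback= (or a
// fixed name such as userInfo) and emits executable JavaScript. Any page that
// embeds this URL in <script src="..."> receives the data, because the
// browser attaches the victim's session cookie to the script request.
function jsonpHandler(req) {
  const cb = req.query.callback || "userInfo";
  return {
    status: 200,
    headers: { "Content-Type": "application/javascript" },
    body: `${cb}(${JSON.stringify(SESSION_USER)});`,
  };
}

// Hardened: never wrap sensitive data in a caller-chosen function name,
// serve it as plain JSON (a syntax error when loaded as a script), mark it
// nosniff so the browser will not reinterpret it, and require a header that
// only same-origin XMLHttpRequest/fetch code can add (hypothetical policy).
function hardenedHandler(req) {
  if ("callback" in req.query) {
    return { status: 400, headers: {}, body: "JSONP is not supported" };
  }
  if (req.headers["x-requested-with"] !== "XMLHttpRequest") {
    return { status: 403, headers: {}, body: "Missing X-Requested-With" };
  }
  return {
    status: 200,
    headers: {
      "Content-Type": "application/json",
      "X-Content-Type-Options": "nosniff",
    },
    body: JSON.stringify(SESSION_USER),
  };
}

// Constructed request as a cross-origin <script src="...?callback=userInfo">
// tag would send it: cookies are attached by the browser, but no custom
// headers can be set. The first handler leaks, the second refuses.
const scriptTagRequest = { query: { callback: "userInfo" }, headers: {} };
console.log(jsonpHandler(scriptTagRequest).body);
console.log(hardenedHandler(scriptTagRequest).status);
```

Marking the session cookie SameSite=Lax or Strict is a complementary defence, since the browser then omits it from cross-site script loads entirely.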

Thank you for reading. I hope this topic helps you with something.

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. Maintained by Hackrew

Mohamed Sayed

Written by

My name is Mohamed, my nickname is Flex. I'm a Bug Hunter at HackerOne and a Synack Red Team member.
