S3cuRity.Illusi0n

Facebook Has Acquired Mobile Analytics Startup Onavo For Up To $200 Million.

noreply@blogger.com (Anonymous) — Thu, 17 Oct 2013 01:28:00 +0000

Facebook has acquired a mobile analytics company, Onavo. The buyout price was up to $200 million, according to multiple reports.

Onavo is based in Tel Aviv and Palo Alto. Facebook will turn Onavo's office into its first office in Israel and thirty employees will join Facebook's team there, The Marker reports.

Onavo was founded in 2010 by Guy Rosen and Roi Tiger; it raised $13 million from Sequoia Capital and others. It provides mobile data usage analytics and helps companies see how their usage stacks up against other companies.

Here's the memo from the founders:

We are excited to announce that Facebook has agreed to acquire our company.

Three years ago, we started Onavo with the goal of helping today’s technology consumers and companies work more efficiently in a mobile world. We developed the award-winning Onavo mobile utility apps, and later launched Onavo Insights, the first mobile market intelligence service based on real engagement data. Our service helps people save money through more efficient use of data, and also helps developers, large and small, design better experiences for people.

We’ve built world-class products and a remarkably talented team which has pioneered important breakthroughs in data compression technology and mobile analytics. Today, we’re eager to take the next step and make an even bigger impact by supporting Facebook’s mission to connect the world.

As you know, Facebook and other mobile technology leaders recently launched Internet.org, formalizing Facebook’s commitment to improving access to the internet for the next 5 billion people — this is a challenge we’re also passionate about.

We’re excited to join their team, and hope to play a critical role in reaching one of Internet.org’s most significant goals – using data more efficiently, so that more people around the world can connect and share. When the transaction closes, we plan to continue running the Onavo mobile utility apps as a standalone brand. As always, we remain committed to the privacy of people who use our application and that commitment will not change.

We are incredibly proud of the talented team we have assembled, and, recognizing this, Onavo’s Tel-Aviv office will remain open for business and will become Facebook’s new Israeli office.

We’ll continue to advance the work we are doing in collaboration with Facebook’s great team. Thank you to everyone who has joined us on this journey. We’d like to extend a special thanks to our investors, who believed in us and in our vision from the early days. We’re excited for what’s next.

Guy Rosen, Co-Founder & CEORoi Tiger, Co-Founder & CTO

My Achievements - Hall Of Fames, Bounties And Swags !

noreply@blogger.com (Anonymous) — Tue, 17 Sep 2013 17:05:00 +0000

I Am So Lucky that GOD Gave Me ability to find Vulnerabilities On Almost All Big And Highly Secured (So Called) Giants Of IT Field. It includes:

Facebook, Google, Twitter, Apple, Microsoft, Adobe, Blackberry, Nokia, Symantec, Yahoo, Friendster, GoDaddy, Avira, Avast, Ifixit, Android, Barracuda, MailChimp, LinkedIn etc and list goes On.

Following are the Companies who have responsible disclosure policy listed my name on their Hall Of Fame Page for finding Security Vulnerabilities On their Sites.

Got 5000 $$ from PayPal and Acknowledgement As Security Researcher.

Got 500 $$ from Facebook and Acknowledgement As Security Researcher.

Got 300 $$ from Meraki and Acknowledgement As Security Researcher.

1) My first International Acknowledgement. Recognized by Microsoft as a Security Researcher. link

2) Got listed in Adobe Security Researcher Acknowledgement Page for 1st time. link

3) Acknowledge from ifixit. Got listed in ifixit responsible disclosure Page for 2012. link

4) Once again Got listed in ifixit responsible disclosure Page - This time for year 2013. link

5) Listed in Adobe Security Researcher Acknowledgement Page for 2nd time and thus become the 1st Person Over the Globe to be Acknowledged by Adobe twice. link

6) Listed in Owncloud Security acknowledgement page. link

7) Listed in Red Hat Vulnerability Acknowledgements Page. link

8) Got Listed in Zendesk Vulnerability Acknowledge page with all my Leet Friends. link

9) Got listed in ConstantContact Hall Of Fame. link

10) Listed in Apple Hall Of Fame for reporting cross-site scripting Vulnerability. link

11) No Offense.. Listed in Apple Hall Of Fame for the second time in a Week. link

12) Listed in Nokia Hall Of Fame for first Time. link

13) Finally, I am In Google Hall Of Fame. link

14) Listed in Bugcrowd Contributors List with all My friends.

15) Got Listed In Blackberry Hall Of Fame. :) link

16) Finally Got My White Hat Hacker Badge On My Freelancer Account. Feeling Special :) <3 link

17) Listed in Google Hall Of Fame for Second Time :) :) Feeling Happy :) link

18) Listed in Microsoft Hall Of Fame for Second Time :) link

19) Listed in Sprout Social Hall Of Fame. link

20) Listed in Android Hall Of Fame. link

21) Listed in Acquia Hall Of Fame. link

22) Listed in MailChimp Security Response Page. link

23) Listed in Blackberry Hall of Fame for second time. link

24) Listed in HackSecurity Special Thanks Page. link

25) Listed in Adobe Hall Of Fame fro 3rd Time! Feeling Special :) link

26) Listed in Schuberg Philis Hall Of Fame. link

27) Listed in Barracuda Hall Of Fame. link

28) Listed in NetFlix Hall Of Fame. link

29) Listed in Facebook White-hat Page. link

30) Acknowledgement From Avira as a Security Researcher.

31) Acknowledgement From Altassin as a Security Researcher And received Cool Swag .

32) Listed in Google Hall Of Fame for third time :) link

33) Acknowledgement From Appentative as a Security Researcher And received Cool Swag.

34) Listed in Google Hall Of fame for forth time :) link

35) Acknowledgement From BugCrowd as a Security Researcher And received Cool Swag .

36) Listed in Nokia Hall Of Fame for Second Time. link

37) Listed in Freelancer Hall Of Fame. link

38) Acknowledgement From PayPal as a Security Researcher And received Some Bounty.

Reach me at Facebook - https://www.facebook.com/heartstlear

Reach me at twitter - https://www.twitter.com/tush2388

Reach me at LinkedIn - http://www.linkedin.com/pub/tushar-kumbhare/69/8a7/9b8

Thanks.

Happy Hacking :)

List Of Bug Bounty Sites

noreply@blogger.com (Anonymous) — Tue, 17 Sep 2013 16:59:00 +0000

PRODUCTS AND SERVICES (REWARD OFFERED)

Bugcrowd - https://portal.bugcrowd.com/sign_up/
AT&T - http://developer.att.com/developer/apiDetailPage.jsp?passedItemId=10700235 (To submit you need to sign up to the free Developer API program)
Avast! - http://www.avast.com/bug-bounty
Barracuda - http://barracudalabs.com/?page_id=3456
Chromium Project - http://www.chromium.org/Home/chromium-security/vulnerability-rewards-program
Coinbase - https://coinbase.com/whitehat
Cryptocat - https://crypto.cat/bughunt/
Etsy - http://www.etsy.com/help/article/2463
Facebook - http://www.facebook.com/whitehat/bounty/
Gallery - http://codex.gallery2.org/Bounties
Ghostscript - http://ghostscript.com/Bug_bounty_program.html (Mostly software development, occasional security issues)
Google - http://www.google.com/about/company/rewardprogram.html
Heroku - https://policy.heroku.com/security
Hex-Rays - http://www.hex-rays.com/bugbounty.shtml
Kraken - https://www.kraken.com/security/bug-bounty
LaunchKey - https://launchkey.com/docs/whitehat
Marktplaats - http://statisch.marktplaats.nl/help/responsible_disclosure_policy_en.html
Mega.co.nz - http://thenextweb.com/insider/2013/02/01/kim-dotcom-puts-up-13500-bounty-for-first-person-to-break-megas-security-system/
Meraki - http://www.meraki.com/trust/#srp
Meta Calculator - http://www.meta-calculator.com/blog/bug-bounty-program/
Microsoft - http://www.microsoft.com/security/msrc/report/bountyprograms.aspx
Mozilla - http://www.mozilla.org/security/bug-bounty.html
National Cyber Security Center (Netherlands) - https://www.ncsc.nl/security
Olark - http://www.olark.com/customer/portal/articles/1237352
Paypal - https://www.paypal.com/us/webapps/mpp/security/reporting-security-issues
PikaPay - https://www.pikapay.com/pikapay-security-policy/
Piwik - http://piwik.org/security/
Qiwi - https://www.qiwi.ru/page/hack.action
Qmail - http://cr.yp.to/djbdns/guarantee.html
Ricebridge - http://www.ricebridge.com/bugs.htm (Only available to customers)
Ripple - https://ripple.com/bug-bounty/
Samsung - https://samsungtvbounty.com/
Simple - https://www.simple.com/policies/website-security/
Tarsnap - https://www.tarsnap.com/bugbounty.html
Yandex - http://company.yandex.com/security/index.xml
Zerobrane - http://notebook.kulchenko.com/zerobrane/zerobrane-studio-bug-bounty

PRODUCT AND SERVICES (HALL OF FAME + SWAG)

Atlassian - https://confluence.atlassian.com/display/SUPPORT/How+to+Report+a+Security+Issue
Attack Secure - http://attack-secure.com/whitehat/
Engineyard - https://www.engineyard.com/legal/responsible-disclosure-policy
Github - https://help.github.com/articles/responsible-disclosure-of-security-vulnerabilities
ifixit - http://www.ifixit.com/Info/Responsible_Disclosure
Paymill - https://www.paymill.com/en-gb/support-3/worth-knowing/security/
Pinterest - http://about.pinterest.com/terms/responsible-disclosure/
Schuberg Philis - http://www.schubergphilis.com/newsroom/library/downloads-policies/responsible-disclosure-policy/
Soundcloud - http://help.soundcloud.com/customer/portal/articles/439715-responsible-disclosure
Yahoo - http://security.yahoo.com/reporting-security-issues-yahoo-000000016.html

PRODUCT AND SERVICES (HALL OF FAME ONLY)

37signals - https://37signals.com/security-response
Acquia - https://www.acquia.com/how-report-security-issue
ActiveProspect - http://activeprospect.com/activeprospect-security/
Adobe - http://www.adobe.com/support/security/alertus.html
Android Free Apps - http://www.androidfreeapp.net/security-researcher-acknowledgments/
Apple - http://support.apple.com/kb/HT1318
Base - https://getbase.com/security/
Blackberry - http://us.blackberry.com/business/topics/security/incident-response-team/collaborations.html
Braintree - https://www.braintreepayments.com/developers/disclosure
Card - https://www.card.com/responsible-disclosure-policy
Chargify - https://chargify.com/security/
Constant Contact - http://www.constantcontact.com/about-constant-contact/security/report-vulnerability.jsp
cPaperless - http://www.cpaperless.com/securitystatement.aspx
Digital Ocean - https://www.digitalocean.com/security
DiMartino Entertainment - http://moosikay.dimartinoentertainment.com/site/credits/
Dropbox - https://www.dropbox.com/special_thanks
eBay - http://pages.ebay.com/securitycenter/ResearchersAcknowledgement.html
EVE - http://community.eveonline.com/devblog.asp?a=blog&nbid=2384
Evernote - http://evernote.com/security/
Foursquare - https://foursquare.com/about/security
Freelancer - http://www.freelancer.com/info/vulnerability-submission.php
Future Of Enforcement - http://futureofenforcement.com/?page_id=695
Gitlab - http://blog.gitlab.com/responsible-disclosure-policy/
Gittip - https://www.gittip.com/security.txt
Gliph - https://gli.ph/s/security.html
HakSecurity - http://haksecurity.com/special-thanks/
Harmony - http://get.harmonyapp.com/security/
Iconfinder - http://support.iconfinder.com/customer/portal/articles/1217282-responsible-disclosure-of-security-vulnerabilities
Kaneva - http://docs.kaneva.com/mediawiki/index.php/Bug_Bounty
Kayako - https://my.kayako.com/Knowledgebase/Article/View/853/0/security-vulnerability-fix-and-patch-policy
lastpass - https://lastpass.com/support_security.php
Mahara - https://wiki.mahara.org/index.php/Contributors#Security_Researchers
MailChimp - http://mailchimp.com/about/security-response/
Microsoft (Online Services) - http://technet.microsoft.com/en-us/security/cc308589
Netflix - http://support.netflix.com/en/node/6657#gsc.tab=0
Nitrous.IO - http://help.nitrous.io/admin-security-response/
Nokia - http://www.nokia.com/global/security/acknowledgements/
Nokia Siemens Networks - http://www.nokiasiemensnetworks.com/about-us/responsible-disclosure
Norada - http://norada.com/crm-software/security_response
Open Text - http://opentext.com/2/global/company/security-acknowledgements.htm
Opera - https://bugs.opera.com/wizarddesktop/
Oracle - http://oracle.com/technetwork/topics/security/securityfixlifecycle-086982.html
Owncloud - http://owncloud.org/about/security/hall-of-fame/
Pocket - http://help.getpocket.com/customer/portal/articles/1225832-pocket-security-overview
Puppet Labs - https://puppetlabs.com/security/acknowledgments/
RedHat - https://access.redhat.com/knowledge/articles/66234
Risk.io - https://www.risk.io/security
Security Net - http://www.securitynet.org/security-researcher-acknoledgments/
Sellfy - https://sellfy.com/security/
Shopify - https://www.shopify.com/security-response
Sonatype - http://www.sonatype.com/contact/report-a-security-issue
Spotify - https://www.spotify.com/us/about-us/contact/report-security-issues/
Sprout Social - http://sproutsocial.com/responsible-disclosure-policy
Telekom - http://www.telekom.com/corporate-responsibility/security/186450
Thingomatic - http://thingomatic.org/security.html
Tuenti - http://corporate.tuenti.com/en/dev/hall-of-fame
Twilio - https://www.twilio.com/docs/security/disclosure
Twitter - https://twitter.com/about/security
WizeHive - http://www.wizehive.com/special_thanks.html
Xmarks - https://buy.xmarks.com/security.php
Zendesk - http://www.zendesk.com/company/responsible-disclosure-policy
Zynga - http://company.zynga.com/security/whitehats

PRODUCTS AND SERVICES (NO REWARD)

Airbnb - https://www.airbnb.com/help/policies/responsible_disclosure#responsible_disclosure_policy
Amazon.com - (please email details to security@amazon.com)
Amazon Web Services - http://aws.amazon.com/security/vulnerability-reporting
Apriva - http://www.apriva.com/security
Asana - https://asana.com/security
Authy - https://www.authy.com/security-issue
Avira - http://www.avira.com/en/support-vulnerability
Blackboard - http://www.blackboard.com/footer/security-policy.aspx
Box - https://www.box.com/about-us/security/
Cisco - http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html#roosfassv
Cloudnetz - http://cloudnetz.com/Legal/vulnerability-testing-policy.html
Coupa - http://trust.coupa.com/home/security/coupa-vulnerability-reporting-policy
Drupal - https://drupal.org/security-team
EMC² - http://www.emc.com/contact-us/contact/product-security-response-center.htm
Emptrust - http://www.emptrust.com/Security.aspx
HoneyDocs - https://www.honeydocs.com/bounty (Reward: Free HoneyDocs plan)
HTC - http://www.htc.com/us/terms/product-security/
Huawei - http://www.huawei.com/en/security/psirt/report-vulnerabilities/index.htm
IBM - http://www-03.ibm.com/security/secure-engineering/report.html
KPN - http://www.kpn.com/Privacy.htm#tabcontent3
Lievensberg Hospital - http://www.lievensbergziekenhuis.nl/paginas/141-disclaimer.html
LinkedIn - http://help.linkedin.com/app/answers/detail/a_id/37022
Lookout - https://www.lookout.com/responsible-disclosure
Millsap Independent School District - http://www.millsapisd.net/BugReport.cfm
Modus CSR - http://www.moduscsr.com/security_statement.php
PagerDuty - http://www.pagerduty.com/security/disclosure/
Panzura - http://panzura.com/support/panzura-security-policy/
Pidgin - http://pidgin.im/security/
Plone - http://plone.org/products/plone/security/advisories
Pop Group - http://www.popgroupglobal.com/security.php
Reddit - http://code.reddit.com/wiki/help/whitehat
Relaso - http://relaso.com/disclosure
Salesforce - http://www.salesforce.com/company/privacy/security.jsp#vulnerability
Scorpion Software - http://www.scorpionsoft.com/company/disclosurepolicy/
Simplify - http://simplify-llc.com/simplify-security.html
Skoodat - http://www.skoodat.com/security
Square - https://squareup.com/security/levels
Symantec - http://www.symantec.com/security/
Team Unify - http://www.teamunify.com/__corp__/security.php
Tele2 - http://www.tele2.nl/klantenservice/veiligheid/tele2-en-veiligheid.html
UPC - http://www.upc.nl/internet/veilig_internet/beveiligingsproblemen/
Viadeo - http://www.viadeo.com/aide/security/
Vodafone (Netherlands) - http://over.vodafone.nl/vodafone-nederland/privacy-veiligheid/beveiliging-en-bescherming/wat-doet-vodafone/meld-een-beveilig
VSR - http://www.vsecurity.com/company/disclosure
X.commerce - http://www.x.com/security
Xen - http://www.xen.org/projects/security_vulnerability_process.html
Ziggo - https://www.ziggo.nl/#klantenservice/internet/risicos-op-internet/meldpunt-beveiligingslekken

BROKERS AND SECURITY COMPANIES

Beyond Security - http://www.beyondsecurity.com/ssd.html

COSINC - http://www.coseinc.com/en/index.php?rt=advisory

Exodus Intelligence - https://www.exodusintel.com/eip/

ExploitHub - https://www.exploithub.com/request/index/developmentrequests/

HP Zero-Day Initiative (ZDI) - http://www.zerodayinitiative.com/about/benefits/

iDefense - https://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/vulnerability-intelligence/index.xhtml

Insight Partners - https://gvp.isightpartners.com/program_details.gvp?page=3&title=1&section=0

Netragard - http://pentest.snosoft.com/netragards-eap/

Packet Storm - http://packetstormsecurity.com/bugbounty

Secunia - http://secunia.com/community/research/svcrp

White Fir Design - https://www.whitefirdesign.com/about/wordpress-security-bug-bounty-program.html

Wordfence Bug Bounty Program - DOM Based XSS on Main Site! Patched Without Even Reply!

noreply@blogger.com (Anonymous) — Wed, 11 Sep 2013 03:30:00 +0000

Few days ago, i read about the new Bug Bounty Program started by Wordfence. Link

Wordfence is the Leading CyberSecurity solution for WordPress. They provide a Complete Anti-Virus and Firewall Package for your WordPress Website including Two Factor Authentication, a Firewall incorporating Machine Learning and Tools to help Recover from a Hack. Wordfence is available free. Simply sign into your WordPress website, Go to Plugins > Add New > And search for 'wordfence' without quotes. Our premium version includes enterprise features like Two Factor Authentication and Country Blocking.

As a Bounty they were offering Wordfence 5 year Premium license per bug reported. These licenses are priced at $146.25. Its Cool. I thought why not to try my hands on this bounty program.

When i visited the site, i noticed that the site is using a WordPress CMS. The version was 3.6 and almost all the known vulnerabilities seems to be patched. Then i checked the page source and Plugins. I found that the site is integrated with a plugin named WordPress prettyPhoto. I reviewed the JavaScript source of the Plugin and Found that it is vulnerable to DOM based Cross Site Scripting as it is accepting the input without sanitizing. So i generated my payload and crafted the URL as follows:

http://www.wordfence.com/#!prettyPhoto/<a onclick="alert(/XSS by Tushar Kumbhare/);">/

I typed this URL in address bar and hit Enter and Bang!!! I Got a prompt showing XSS Vulnerability. I Immediately reported the vulnerability and they patched the vulnerability within a hour. They are really very fast as compared to Others.

But these days, cant trust any one. Leave about the Bounty, they patched the vulnerability without even reply or a message of thanks. I don't know why these Bug Bounty Vendors doesn't play a fair game. They are just using our talent to secure their vulnerable ass and didn't even give a reply of thanks. To be very frank, i am loosing trust on these bug bounty programs due to some recent experiences which i got in these few days.

Let it be, but fortunately, i recorded the video as a Proof Of Concept. Its attached as follows:

After reporting 3 times and no reply my message to wordfence team. I have still 1 sqli and 2 XSS on your site and this time i will not report but do only one thing.

Reach me at Facebook - https://www.facebook.com/heartstlear

Reach me at twitter - https://www.twitter.com/tush2388

Reach me at LinkedIn - http://www.linkedin.com/pub/tushar-kumbhare/69/8a7/9b8

Thanks.

Wordpress W3-Total-Cache Plugin 0.9.2.11 Persistant XSS Vulnerability.

noreply@blogger.com (Anonymous) — Sun, 08 Sep 2013 22:36:00 +0000

WordPress Plugin w3-total-cache 0-day Stored Cross site Scripting Vulnerability.

Vulnerable Plugin - W3-total-cache Plugin

Vulnerable Version - Version 0.9.2.11 and Prior.
Tested On - WordPress 3.6 on Windows 7, Linux.

Vulnerability: Stored Cross Site Scripting.

W3-Total-Cache Plugin is Most defamed for its Poor Security. Version of W3-total-cache Plugin ie Version 0.9.2.11, it is being hit by another major vulnerability which exploited Cleverly and Successfully can compromise the Admin Account of WordPress Site.

Following are the Steps:

1) Go to Dashboard.

2) Click on Installed Plugins.

3) Go to W3-Total-Cache Plugin and Click on settings.

4) Go to Reverse Proxy and Click on page cache settings.

5) Go to Cache Preload and Type Vector - "><img src=x onerror=prompt(0);>. in Sitemap URL and Click on Save.

6) You will get a Prompt.

Here is a Video Demonstration of this Vulnerability.

My First Interview With EHACKING NEWS.

noreply@blogger.com (Anonymous) — Sat, 27 Apr 2013 15:17:00 +0000

"Mein Kampf - A brief Journey (Continues...) - FROM struggle, failures, insult, rejections, pain and despair - TO a very Small tough, but yet a Significant step, taken towards Success!!! " - My first Interview at EHACKING NEWS !

http://www.ehackingnews.com/2013/04/an-interview-with-mr-dependent-of.html