No Recent Activity
About ajaysinghnegi

Basic Information

About ajaysinghnegi
Biography:
A Information Security Learner & Researcher
Location:
Universe
Interests:
Pen Testing,Exploit Dev,Reverse Engg,Malware Analysis, Forensics, Zero Day Dev, Ethical Hacking
Occupation:
Information Security Researcher

Contact


This Page
http://garage4hackers.com/member.php?u=54
Instant Messaging

Send an Instant Message to ajaysinghnegi Using...

Statistics


Total Posts
Total Posts
181
Posts Per Day
0.05
General Information
Last Activity
06-14-2014 11:13 PM
Join Date
07-13-2010
Referrals
8

11 Friends

  1. "vinnu" "vinnu" is offline

    Security Researcher

    "vinnu"
  2. amolnaik4 amolnaik4 is offline

    Web Security Consultant

    amolnaik4
  3. anandtiwarics anandtiwarics is offline

    Garage Newcomer

    anandtiwarics
  4. AnArKI AnArKI is offline

    Infosec Enthusiast

    AnArKI
  5. babloo babloo is offline

    Garage Newcomer

    • Send a message via Skype™ to babloo
    babloo
  6. fb1h2s fb1h2s is offline

    Security Researcher

    fb1h2s
  7. prashant_uniyal prashant_uniyal is offline

    Security Analyst

    prashant_uniyal
  8. Punter Punter is offline

    Administrator

    Punter
  9. swatantra swatantra is offline

    Garage Newcomer

    swatantra
Showing Friends 1 to 9 of 11
Page 1 of 2 12 LastLast
View ajaysinghnegi's Blog

Recent Entries

Microsofts IIS.net Anti-CSRF Token Bypass

by ajaysinghnegi on 04-20-2014 at 03:32 PM
[B]Microsoft's IIS.net CSRF Vulnerability[/B]

I want to share my another finding on Microsoft IIS.net which I have reported to them in August 2013.


While researching and working on bug bounties I have found that we can bypass Anti-CSRF token validation even when it is getting validated on the server-side and can execute CSRF. And after that using the CSRF we can compromise the victims account by change email id of any users account on that site to the attackers

Read More

Updated 04-21-2014 at 11:12 AM by 41.w4r10r

Categories
Uncategorized

Microsofts Asp.net Anti-CSRF Token Bypass

by ajaysinghnegi on 04-20-2014 at 03:21 PM
[B]Microsoft's Asp.net CSRF Vulnerability[/B]

I want to share one of my finding on Microsoft Asp.net which I have reported to them in April 2013.

While researching and working on bug bounties I have found that we can bypass Anti-CSRF token validation even when it is getting validated on the server-side and can execute CSRF. And after that using the CSRF we can compromise the victims account by change email id of any users account on that site to the attackers email

Read More

Updated 04-21-2014 at 11:48 AM by 41.w4r10r

Categories
Uncategorized

Twitter Follow Retweet and Tweet Favourite CSRF Vulnerabilities

by ajaysinghnegi on 04-14-2014 at 01:16 PM
[B]How we were able to find Twitter Follow Retweet and [/B][B][B]Tweet Favourite[/B] CSRF[/B]


[LEFT]We want to share 3 of our findings on Twitter which me and my friend Krutarth have reported to them on March 2014.My good friend @KrutarthShukla was testing Twitter and he was trying deeply to find something on it. And finally he got a Follow CSRF and after sometime later I also got Reweet & Tweet Favourite CSRF. So, we found 3 CSRF vulnerabilities on Twitter.
[/LEFT]

Read More

Updated 04-15-2014 at 04:15 PM by ajaysinghnegi

Categories
Uncategorized

Account Takeover Using Password Reset Vulnerability

by ajaysinghnegi on 03-07-2014 at 03:47 PM
[LEFT][B]Account Takeover Using Password Reset Functionality[/B]
[/LEFT]
While researching and working on bug bounties I have found that by using Password Reset Functionality, Token & Link we can Takeover all the users account of a website if that site is vulnerable to this type of attack.


Using this vulnerability the attacker can modify the email md5 hash to any victims email md5 hash to change their password and in this way he can also reset all passwords

Read More

Categories
Uncategorized

How I was able to Read & Download Paypals X.com Users Private Email Attachments

by ajaysinghnegi on 03-07-2014 at 01:35 PM
[B][LEFT]Paypals X.com Failure to Restrict Url Access Vulnerability
[/LEFT]
[/B]
[LEFT]I want to share one of my finding on Paypals X.com which I have reported to them in 3 January 2013.

[/LEFT]
I have found that Paypal X.com following Url [URL]https://www.x.com/sites/default/files/failure_to_restrict_url_vul_for_any_attachments.txt[/URL] was vulnerable to Failure to Restrict Url Access Vulnerability as the email Attachments Url can be accessed without Login

Read More

Updated 03-07-2014 at 03:28 PM by ajaysinghnegi

Categories
Uncategorized