Technical news and happenings
Topic Started: Feb 7 2005, 11:10 AM (145 Views)
sourabh_soni2k2
Sourabh Soni

Vulnerabilities in Indian E-Mail service providers.

The email services of several big Indian portals are susceptible to scripting attacks i.e., malicious code can be embedded by attackers into email messages, that, when received by unsuspecting users, can cause harmful effects.





The services are Rediffmail.com, Indiatimes.com, Sify.com. The combined user base of these services runs into millions and all of these users are vulnerable.

"I've known about most of these vulnerabilities for years now and I am now releasing them because many are being massively exploited in the wild. All attempts to contact the vendors were unfruitful." -Masood Says (Founder of Vulnerabilities)

Description & Impact :

It is possible to embed malicious scripts in an ordinary email to users of these services because of certain flaws in their anti-scripting filters.

Since these filters are not as robust as the filters used by service providers like Yahoo and Hotmail, many more flaws, similar to those detailed here, are undoubtedly present in these services.

Some of the attacks possible through exploitation of these flaws :

* User names and passwords can be stolen. Spoofed login pages are one of the many methods to do so.

* Webpages belonging to the portals can be spoofed, including the shopping cart system.

* Any action that the legitimate user can take can also be taken by the malicious code. Cookies can be stolen.

* Malicious programs can be executed when combined with browser vulnerabilities.

* Force-feeding websites to users. Spammers, phishers and scammers can redirect users to their own pages.

* A malicious worm can be created which can traverse through the entire user base and cause destruction.

* Users can be locked out of their inboxes.

Technical Details :

Rediffmail (RediffMail.com):

Rediffmail has the most robust security system among all three. However, it is still susceptible to several attacks.

Indiatimes Mail ( http://Mail.IndiaTimes.com) :

Indiatimes email does not have a scripting filter in place. This means all HTML tags including scripts can be embedded into the email without any security obstacles.

Sify Mail ( http://mail.sify.com):

First Vuln: Server side filtering code removes everything between and including the Script tags in the message body.

A newline character or a space character before the ">" in Script Tag evades filtering.

Second Vuln: There is no filtering in the subject line. HTML tags can also be inserted into the subject line of the mail, which are then interpreted by the browser.

Status

Several unsuccessful attempts have been made to contact the vendors. Email alerts did not receive responses.

Credit:

The vulnerabilities and PoCs have been discovered by S.G.Masood (sgmas@yahoo.com and sgmas@gmail.com) from Hyderabad, India.

Additional Information

Example, full information and many more vulnerabilities can be found on the group specified below:

Google Groups : n3td3v

Source : n3td3v Groups

& Go4i.net

sourabh
TCS
--= Yes..I'm the man =--

-== who sold the world ==-
Sourabh Soni

TATA CONSULTANCY SERVICES
Chennai

sourabh_soni@yahoo.com
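
The filter weakness described in the post (a script-tag blocklist defeated by whitespace before the ">", and an unfiltered subject line) next to an allow-list approach, as an added example that is not part of the original post or the advisory. `naive_filter` is a constructed model of a filter that matches only the literal tag text, not any provider's code; the tag allow-list, function names and sample message are assumptions.

```python
import html
import re
from html.parser import HTMLParser

# Constructed model of a blocklist filter: matches only literal "<script>" tags.
NAIVE = re.compile(r"<script>.*?</script>", re.I | re.S)

def naive_filter(body):
    return NAIVE.sub("", body)

ALLOWED = {"b": set(), "i": set(), "p": set(), "br": set(), "a": {"href"}}
DROP_CONTENT = {"script", "style"}          # element and its text are discarded
SAFE_URL = re.compile(r"https?://", re.I)   # the only link schemes kept

class AllowListSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.skip = [], 0

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        elif tag in ALLOWED and not self.skip:
            kept = [(k, v) for k, v in attrs
                    if k in ALLOWED[tag] and v and SAFE_URL.match(v)]
            attr_text = "".join(f' {k}="{html.escape(v)}"' for k, v in kept)
            self.out.append(f"<{tag}{attr_text}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif tag in ALLOWED and tag != "br" and not self.skip:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            self.out.append(html.escape(data))

def sanitize_body(body):
    parser = AllowListSanitizer()
    parser.feed(body)
    parser.close()
    return "".join(parser.out)

def render_subject(subject):
    return html.escape(subject)  # the subject is plain text: escape, never parse

# Constructed sample (harmless marker call): whitespace before ">" as in the post.
SAMPLE_BODY = "<p>Hi</p><script\n>marker()</script >"
```

The allow-list parser rebuilds the message from tags it recognises instead of searching for text to delete, so variations in how a tag is written do not change the result.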