Delivered-To: info@designerliving.com Received: by 2002:a05:7000:5466:b0:572:51e9:7a3e with SMTP id d6csp2116710mas; Mon, 29 Apr 2024 15:42:20 -0700 (PDT) X-Received: by 2002:a05:6870:36c5:b0:23b:7ff:91cb with SMTP id u5-20020a05687036c500b0023b07ff91cbmr8507200oak.4.1714430539976; Mon, 29 Apr 2024 15:42:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1714430539; cv=none; d=google.com; s=arc-20160816; b=OoJSFkwhOS/G3mv2TLgpdUpTqbKu+MblLSaA7NiLtD9ty1Vpr1OgIIbALNEUFIez1Z 9wM5FEEb1u9hVtlryXy9mvSe+iezM3lkAnlF0/Crh8NrwXqqBTfDISAqkch1INWz/+60 hc4CXVj+UWgR9XILEnLgTXSaZQXodWCoiHsl/XVzFY5fNuWRvsHlQ0Ppmc3XV+beQIjQ ywtZWATJCexf3zzjtoE4Cjr5HhsjQB0cnbVRBqyPt2n5NEVUifR6EWgBosIYhwk+OpCr iw+uR14NspEKrkxYFVbCxfWrJLBqgHP+0eCztZger9deHW5GV4X5UBJw68f/xbgUy2sy 8ByA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=FW+BiXdWeLNSMaO/XwoX69l+17jFQUl6eSIfLu1094o=; fh=U8lqMQo/EE2tRHOkbSRdmJoVBTPgeU3HHGa4PRjMKMA=; b=XN11J70AwXVlFrsAa79NS9mciOqkFrU6UNGAZaR3GhvJkBFDQG6lUUyZ/QykFPPgwl w6dzo3/kF89W4FOlIbHA+ip1Xisin99KsvLUsnI59v93Vqh9rUJFyqikBihPENAoNnGe GIjzaE/Fn3AVsJx4Sv9jzYlX5PcMH1GnyhgIPE0hLVrYHtMKBtcPisd1JowUROQQFNE1 bl/OJ+cuoTJUv6SjOnXZXYj6DpWjumOvMi8Ng4EnqrfzQLnXSo4cncURfyEAETnVAc0I 2HagVrulUeJ0fw9rYQKKNSdrUkFfdVZUnT1E0Fw096TRPpzjohwbS0ysOVwk2xsexy2d bmig==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Jw0viklz; spf=pass (google.com: domain of danieljoseph11556@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=danieljoseph11556@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from mail-sor-f41.google.com (mail-sor-f41.google.com. [209.85.220.41]) by mx.google.com with SMTPS id k23-20020a056870819700b0023cd6f33fd9sor783462oae.9.2024.04.29.15.42.19 for (Google Transport Security); Mon, 29 Apr 2024 15:42:19 -0700 (PDT) Received-SPF: pass (google.com: domain of danieljoseph11556@gmail.com designates 209.85.220.41 as permitted sender) client-ip=209.85.220.41; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Jw0viklz; spf=pass (google.com: domain of danieljoseph11556@gmail.com designates 209.85.220.41 as permitted sender) smtp.mailfrom=danieljoseph11556@gmail.com; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1714430539; x=1715035339; darn=designerliving.com; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=FW+BiXdWeLNSMaO/XwoX69l+17jFQUl6eSIfLu1094o=; b=Jw0viklziogNu+/R3soNiJrhOgnrhUTiJIG4Tv5AAP7/0h/qkhWh8HTx8jb1eg0L++ zTu6B8rqSyAaphCjgKDeeSsG/Zooxn9yp214iinSJ8ENr91SQOJmPrIYLiai0CyLAHSR KFmWzDeHf3Znk73NuSMQkzHrGSvPLnc24cqOURS5BtXPMGyHQ22zXuFOYVmbev9cmqcd KEzhEXW6KJDAis5nIRv/ckZp4xGSFjNnLkETFzug1gXHj2+ykdgtNXy3yORYdBw93diO 8NiLHjPo3nRdnrt1jgozeEVfVW2atJjx+QEiAklYHxaLVW0oLQa6KTe1mmsk1v+frbMZ nANQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1714430539; x=1715035339; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=FW+BiXdWeLNSMaO/XwoX69l+17jFQUl6eSIfLu1094o=; b=olY8zchaBFV1ZmOPevvqO8EpQpmpRTdJFhVpowlJK2+WGyjCMaEC8dgiAFG0p+STY/ bP6ZvjiEqCkvbmArOshGApItwNuPvI/QAG6/b25tFw40HO5ShaNU2F7BQpmrFQ2oc+uF MD8WQ3HdskDzSiqvpYOf121fXi943V63dPRRYy0BnGlT+7/nBk7Fwa6wrIDpa5/5g7I2 rIErfr0r4Cmg3lQxvSyFbzV28B3e1P1iGThO8k8smyCiPqMQZtaDL7hmCwWF8CzmaFOP D4a8FFwdm4JBfpgJt/sxoBvlqsPNsfsjIziPv8R1LJJH3UUiel7drn6rd76JNtl19OkU WP4A== X-Gm-Message-State: AOJu0YzF3x8ngwK2ZnWQwMEh83P0ajzoFG/MHnCgT01tTI0CtRkngZ49 f29FvxvUuu21nC6rRrfStY6dubGYy5f3FMYpIQx7u4dz/DvomhWMSqFAQXtsK3oh/UfrhC2zjjh KxS5p227w0e2RrwHI8uIMCP2vujKK748m6ZI= X-Google-Smtp-Source: AGHT+IGRxwEsAIzoyfq31PWSbXQWUM6OdBVca9OwXs/yIc1Yv17JGfOPWMpCRTl4vXeAJjEvFQLIErBbUqh4ytwb3yc= X-Received: by 2002:a05:6871:67c2:b0:23c:6c72:9861 with SMTP id yb2-20020a05687167c200b0023c6c729861mr439257oab.0.1714430539320; Mon, 29 Apr 2024 15:42:19 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Daniel joseph Date: Tue, 30 Apr 2024 03:42:10 +0500 Message-ID: Subject: Re: Vulnerability Report-Broken Authentication To: info@designerliving.com Content-Type: multipart/alternative; boundary="00000000000049d532061743f7fe" --00000000000049d532061743f7fe Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi, Can I have an update regarding the bounty for the reported vulnerability? On Sun, Oct 1, 2023 at 12:13=E2=80=AFAM Daniel joseph wrote: > Hi Team, > > I hope you are well. I've reported a security vulnerability on your > website a long time ago and still haven't heard back from you. I'd really > appreciate it if you can verify my findings and update me regarding the > bounty for the report. > > Looking forward to hearing from you. > > On Tue, Feb 28, 2023 at 10:57=E2=80=AFPM Daniel joseph < > danieljoseph11556@gmail.com> wrote: > >> Hi Team, >> >> I believe that you have had an opportunity to read our previous email >> regarding the vulnerability report. As it's been long already and your t= eam >> hasn't responded to the vulnerability report submitted by me, I was >> expecting $500 for responsible disclosure of vulnerability. >> >> Furthermore I would like to publicly disclose vulnerability reports on >> our blogs for research and educational purposes. If you have any concern= s >> do let me know. >> >> Regards, >> Daniel >> >> >> On Thu, Dec 8, 2022 at 12:49=E2=80=AFPM Daniel joseph < >> danieljoseph11556@gmail.com> wrote: >> >>> Hi Team, >>> >>> Any update regarding the report and bounty? >>> >>> On Fri, Oct 21, 2022 at 11:28 PM Daniel joseph < >>> danieljoseph11556@gmail.com> wrote: >>> >>>> Hey Team, >>>> >>>> I'm a penetration tester and bug bounty hunter. I have found a >>>> potential vulnerability in the site. Please review the report below. >>>> >>>> Vulnerability: Broken Authentication & Session Management >>>> We have observed that when we change "password" from one browser in >>>> place of session expiration from another browser it just updates the >>>> password from another browser and the old session gets updated without >>>> being logged out. The flows goes like this: >>>> Broken Authentication and Session Management > Failure to Invalidate >>>> Session > On Password Change >>>> Steps: >>>> 1- Login from two browsers at a time [From Chrome browser and from >>>> Mozilla Firefox]. >>>> 2- Change password in settings from chrome browser. >>>> 3- Now Check Mozilla Firefox. >>>> 4- Your Session got "updated" in place of expiration. >>>> >>>> Same goes with when using two different computer systems. >>>> 1- Login from two computers at a time >>>> 2- Change password in settings from computer A. >>>> 3- Now Check computer B. >>>> 4- Your Session got "updated" in place of expiration. >>>> >>>> Recommendations: If Session is Updating from one Browser/Computer so >>>> other should expire first to renew session after login. >>>> >>>> If you require any additional information, please let me know. I'll be >>>> waiting to hear from your side regarding the report and bounty. >>>> >>>> -- >>>> Regards, >>>> Daniel >>>> >>> >>> >>> -- >>> Regards, >>> Daniel >>> >> --00000000000049d532061743f7fe Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi,

Can I have an update regarding the bounty for t= he reported vulnerability?

On Sun, Oct 1, 2023 at 12:13=E2=80=AFAM Daniel jo= seph <danieljoseph11556@g= mail.com> wrote:
Hi Team,

I hope you are well. I've repo= rted a security vulnerability on your website a long time ago and still hav= en't heard back from you. I'd really appreciate it if you can verif= y my findings and update me regarding the bounty for the report.

Loo= king forward to hearing from you.

On Tue, Feb 28, 2023 at 10:57=E2=80=AFPM D= aniel joseph <danieljoseph11556@gmail.com> wrote:
Hi Team,

I believ= e that you have had an opportunity to read our previous email regarding the= vulnerability report. As it's been long already and your team hasn'= ;t responded to the vulnerability report submitted by me, I was expecting $= 500 for responsible disclosure of vulnerability.

Furthermore I would= like to publicly disclose vulnerability reports on our blogs for research = and educational purposes. If you have any concerns do let me know.

Rega= rds,
Daniel

=

= On Thu, Dec 8, 2022 at 12:49=E2=80=AFPM Daniel joseph <danieljoseph11556@gmail.com= > wrote:
=
Hi Team,

An= y update regarding the report and bounty?

On Fri, Oct 21, 2022= at 11:28 PM Daniel joseph <danieljoseph11556@gmail.com> wrote:
Hey Team,

I'm a penetration tester and bug bounty hunte= r. I have found a potential vulnerability in the site. Please review the re= port below.

Vulnerability: Broken Authentication & Session Manag= ement
We have observed that when we change "password" from one= browser in place of session expiration from another browser it just update= s the password from another browser and the old session gets updated withou= t being logged out. The flows goes like this:
Broken Authentication and = Session Management > Failure to Invalidate Session > On Password Chan= ge
Steps:
1- Login from two browsers at a time [From Chrome browser a= nd from Mozilla Firefox].
2- Change password in settings from chrome bro= wser.
3- Now Check Mozilla Firefox.
4- Your Session got "updated= " in place of expiration.

Same goes with when using two differe= nt computer systems.
1- Login from two computers at a time
2- Change = password in settings from computer A.
3- Now Check computer B.
4- You= r Session got "updated" in place of expiration.

Recommenda= tions: If Session is Updating from one Browser/Computer so other should exp= ire first to renew session after login.

If you require any additiona= l information, please let me know. I'll be waiting to hear from your si= de regarding the report and bounty.

--
Regards,
Daniel


--
Regards,
Daniel
=
--00000000000049d532061743f7fe--