[<prev] [next>] [day] [month] [year] [list]
Message-Id: <FE930A08-3DDF-40C6-A940-C3E6466C4093@gmail.com>
Date: Wed, 11 Jul 2012 14:10:55 +0200
From: sebas <s.guerrero0@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Vulnerability on Instagram application
(Friendship Vulnerability)
=================================================================
Vulnerability on Instagram application (Friendship Vulnerability)
- Original release date:
- Last revised:
- Discovered by: Sebastián Guerrero Selma
- Severity: 5
=================================================================
I. VULNERABILITY
-------------------------
Instagram lack of control on authorization logic allows an user
to add himself as a friend of any user on Instagram social network
II. BACKGROUND
-------------------------
Instagram is a free photo sharing program launched in October 2010
that allows users to take a photo, apply a digital filter to it, and
then share it on a variety of social networking services, including
Instagram's own. A distinctive feature confines photos to a square
shape, similar to Kodak Instamatic and Polaroid images, in contrast
to the 4:3 aspect ratio typically used by mobile device cameras.
Instagram was initially supported on iPhone, iPad, and iPod Touch;
in April 2012, the company added support for Android camera phones
running 2.2 (Froyo) or higher. It is distributed via the iTunes App
Store and Google Play.
III. DESCRIPTION
-------------------------
The mobile application of Android & iPhone is affected by a remote
vulnerability due the lack of control on the logic applied to
authorization feature.
An attacker can perpetrate a brute force attack in the context of
user application and add himself as a friend of all the users on
Instagram, being possible in this way to get access to private
albums and profile information.
IV. POC
-------------------------
http://imgur.com/aZccK
V. BUSINESS IMPACT
-------------------------
An attacker can execute a brute force attack in a targeted
user's account, this can leverage to steal user private pictures.
VI. SYSTEMS AFFECTED
-------------------------
Instagram
VII. SOLUTION
-------------------------
Not fixed
VIII. REFERENCES
-------------------------
http://www.instagram.com
http://blog.seguesec.com
http://twitter.com/0xroot
IX. CREDITS
-------------------------
This vulnerability has been discovered
by Sebastián Guerrero Selma (s.guerrero0 (at) gmail (dot) com).
X. REVISION HISTORY
-------------------------
XI. DISCLOSURE TIMELINE
-------------------------
July 10, 2012: Discovered by Sebastián Guerrero Selma
July 10, 2012: Vendor contacted including PoC.
XII. LEGAL NOTICES
-------------------------
The information contained within this advisory is supplied "as-is"
with no warranties or guarantees of fitness of use or otherwise.
Sebastián Guerrero Selma accepts no responsibility for any damage
caused by the use or misuse of this information.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists