I live in the US and discovered a vulnerability in a government site form for a state I do not live in. This form returns this information:
- Full name
- DOB (d,m,yr)
- Town
- Affiliated voter party
- Gender
You can get this information through brute force, and all you need is the correct combo of town and last name. I checked other states and could not find another state that allows this to happen. All of the others use proper protections that prevent it entirely.
So for example, you can send
- Last name: Smith
- Town name
And you can get back:
- John Michael Smith
- DOB: June 14 1956
- Town: New York City
- Party: Republican
- Gender: Male
Like I said, this can be brute forced.
- No rate limiting
- No CAPTCHA
- No required complex headers or cookies
- Can be done completely headless
I would like to be ethical and report this, but I am not sure the best way to do so without it possibly coming back at me negatively. I have not and will not sell any of the information found, I just want it to be fixed.
from hacking: security in practice https://ift.tt/lKX0xqh