Monday, May 18, 2009

Hacking into Wharton Business School



I discovered a cool flaw in Wharton's WRDS a few years back. This was a cool bug and it demonstrated the need for proper separation of privileges between front-ends and back-ends. I was able to exploit a demo account, along with some session variable massaging, in order to gain access to all the licensed data. Andrew loved this hack, but it may not have been as cool as the remote VPN exploit I found around the same time ;-P
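The post does not spell out the mechanism, so the following is an added illustration (not WRDS code, and the account names, passwords and dataset names are constructed) of the design lesson it draws: a back-end that trusts an entitlement flag the front-end placed in the session can be unlocked by a demo account once that session variable is altered, while a back-end that re-derives entitlements from its own account record is not.

```python
# Added illustration (not WRDS code): a back-end data service that
# enforces entitlements itself versus one that trusts the front-end.
from dataclasses import dataclass, field
from typing import Optional

# Constructed sample account store that the BACK-END owns. Entitlements
# live here, never in anything the front-end forwards.
ACCOUNTS = {
    "demo_user": {"password": "demo", "licensed_datasets": set()},
    "full_user": {"password": "s3cret", "licensed_datasets": {"dataset_a", "dataset_b"}},
}


@dataclass
class Session:
    """Session state as the front-end forwards it to the back-end.
    `claims` is whatever the front-end stored; a vulnerable back-end
    treats it as authoritative."""
    user: str
    claims: dict = field(default_factory=dict)


def login(user: str, password: str) -> Optional[Session]:
    """Front-end login: returns a session for a valid credential pair."""
    acct = ACCOUNTS.get(user)
    if acct is None or acct["password"] != password:
        return None
    return Session(user=user, claims={"licensed": bool(acct["licensed_datasets"])})


def query_vulnerable(session: Session, dataset: str) -> bool:
    """Vulnerable pattern: the back-end trusts the 'licensed' claim the
    front-end put in the session. Anything that can alter that claim
    (a front-end bug, a writable session store) unlocks every dataset."""
    return bool(session.claims.get("licensed", False))


def query_hardened(session: Session, dataset: str) -> bool:
    """Hardened pattern: the back-end re-derives entitlement from its own
    account record for the authenticated user and ignores session claims."""
    acct = ACCOUNTS.get(session.user)
    if acct is None:
        return False
    return dataset in acct["licensed_datasets"]


if __name__ == "__main__":
    s = login("demo_user", "demo")
    s.claims["licensed"] = True  # simulate an altered session variable
    print("vulnerable:", query_vulnerable(s, "dataset_a"))  # True: demo reads licensed data
    print("hardened:  ", query_hardened(s, "dataset_a"))    # False: back-end checks its own records
```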


From: Kristian Hermansen
To: "MacMullan, Hugh"
Date: Thu, Jan 11, 2007 at 7:24 PM
Subject: Re: FW: security
Mailed-by: gmail.com

Hello!

Unauthorized remote users can gain access to the database by exploiting flaws in the way the web front-end handles user sessions. Is this information useful to you?


On 1/10/07, MacMullan, Hugh wrote:

Kristian:



Thank you for contacting The Wharton School regarding the security of the WRDS system. What is going on?



Cheers, Hugh

267-978-3236



From: Zhang, Damu
Sent: Wednesday, January 10, 2007 2:03 PM
To: Ney, Russell; MacMullan, Hugh
Subject: security



Hello,



I got this Parature ticket from kristian.hermansen@gmail.com:



-------

I have discovered remote vulnerabilities in WRDS. Do you have a security contact?
--
Kristian Hermansen

------



I googled this name and it looks like he is a security consultant. Could one of you contact him?



Thanks.



-Damu




--
Kristian Hermansen