Submitting Same Vulnerabilities?

Spam404Online
Posts: 296
Joined: Mon Nov 23, 2015 6:43 pm

Post by Spam404Online » Sun Dec 20, 2015 2:07 am

So I recently noticed this -
[image]

Upon looking at the submissions, they all appear to be duplicates of what other researchers have already submitted.

Let's take the top three in the picture for example -
https://www.xssposed.org/incidents/117652/ (submitted here first - https://www.xssposed.org/incidents/99318/)
https://www.xssposed.org/incidents/117651/ (submitted here first - https://www.xssposed.org/incidents/99323/)
https://www.xssposed.org/incidents/117650/ (submitted here first - https://www.xssposed.org/incidents/99350/)

I know some people had issues with me submitting previously unidentified vulnerabilities en masse, but I've yet to see anyone say anything about this, so I thought I'd point it out, as it essentially makes the "Top Researchers" section aimless.
Last edited by Spam404Online on Tue Jan 26, 2016 7:14 pm, edited 1 time in total.


Re: Submitting Same Vulnerabilities?

Post by Spam404Online » Sun Dec 20, 2015 5:08 pm

Looks like the same thing today, flooding VIP submissions with duplicates -

[image]

x1admin
Site Admin
Posts: 3102
Joined: Sun Nov 15, 2015 7:04 pm

Re: Submitting Same Vulnerabilities?

Post by x1admin » Sun Dec 20, 2015 7:24 pm

We deleted the 3 doubles. Please let us know in the future when somebody cheats and re-submits existing vulnerabilities - all such vulnerabilities will be deleted immediately.

We will also change the submission validation system a little bit to prevent such doubles (when the same parameter is re-submitted via a different HTTP method).


Re: Submitting Same Vulnerabilities?

Post by x1admin » Sun Dec 20, 2015 7:26 pm

And in the future, please also ping the researcher in question directly when you see such cases - it will save us a lot of time.


Re: Submitting Same Vulnerabilities?

Post by Spam404Online » Mon Dec 21, 2015 7:15 am

x1admin wrote: And in the future, please also ping the researcher in question directly when you see such cases - it will save us a lot of time.
Thanks for the feedback here!

I did email the researcher on the second day I noticed this happening, but unfortunately I didn't hear anything back.

Here's some more duplicates for deletion -
https://www.xssposed.org/incidents/118095/
https://www.xssposed.org/incidents/118094/
https://www.xssposed.org/incidents/118093/
https://www.xssposed.org/incidents/118090/
https://www.xssposed.org/incidents/118089/
https://www.xssposed.org/incidents/118088/
https://www.xssposed.org/incidents/118087/
https://www.xssposed.org/incidents/118086/
https://www.xssposed.org/incidents/117598/


Re: Submitting Same Vulnerabilities?

Post by x1admin » Mon Dec 21, 2015 8:14 pm

Deleted all duplicates. Let us know if there are any more.


Re: Submitting Same Vulnerabilities?

Post by Spam404Online » Mon Dec 21, 2015 9:23 pm

x1admin wrote: Deleted all duplicates. Let us know if there are any more.
Thanks again.

I found what seems to be another submission bug. This time affecting open redirect submissions.

First submission - https://www.xssposed.org/incidents/72776/

Duplicate - https://www.xssposed.org/incidents/118532/

It seems that if the redirect URL for XSSPosed is different from the previous submission(s), it is accepted. In this case a single forward slash was missing at the end of the duplicate, resulting in its success. Can this be prevented?


Re: Submitting Same Vulnerabilities?

Post by Spam404Online » Mon Dec 21, 2015 9:34 pm

I also just noticed this -

https://www.xssposed.org/incidents/118578/
https://www.xssposed.org/incidents/118581/
https://www.xssposed.org/incidents/118582/

Maybe blacklist URL shortener domains from being accepted? I don't think they should be considered open redirects :D

:lol: ----> https://i.gyazo.com/5126ce0fda9976175fd ... 3c4238.png
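The three validation gaps raised in this thread (the same parameter re-submitted over a different HTTP method, an open-redirect duplicate accepted because its redirect target differed by a trailing slash, and URL shorteners reported as open redirects) can all be closed by computing a canonical identity for each submission and keying duplicate detection on that instead of on the raw PoC URL. The following is an added example written for this page, not xssposed.org's own validation code; the incident IDs 1 to 5, the example.com endpoints, the payloads and the shortener host list are constructed for illustration.

```python
"""Canonical submission identity for duplicate detection (added example, not xssposed.org code)."""
from urllib.parse import SplitResult, urlsplit

# Constructed shortener list for the example; a real service would maintain its own.
SHORTENER_HOSTS = {"bit.ly", "goo.gl", "t.co", "tinyurl.com", "ow.ly", "is.gd"}


def canonical_host(parts: SplitResult) -> str:
    """Host without credentials, port, trailing dot or a leading 'www.'."""
    host = (parts.hostname or "").rstrip(".")  # .hostname is already lower-cased
    return host[4:] if host.startswith("www.") else host


def canonical_path(path: str) -> str:
    """'/redir', '/redir/' and '' all name the same endpoint."""
    return path.rstrip("/") or "/"


def submission_key(vuln_type: str, url: str, param: str, method: str = "GET") -> tuple:
    """Identity of the reported bug: what is vulnerable, not how it was demonstrated.

    The HTTP method, scheme, query string and injected value are deliberately
    excluded, so re-sending the same parameter via POST, or with a cosmetically
    different payload or redirect target, collides with the original report.
    """
    del method  # accepted for the caller's convenience, never part of the identity
    parts = urlsplit(url.strip())
    return (
        vuln_type.strip().lower(),
        canonical_host(parts),
        canonical_path(parts.path),
        param.strip().lower(),
    )


def is_shortener(url: str) -> bool:
    """True when the 'vulnerable' host is itself a public URL shortener."""
    host = canonical_host(urlsplit(url.strip()))
    return host in SHORTENER_HOSTS or any(host.endswith("." + s) for s in SHORTENER_HOSTS)


class SubmissionIndex:
    """In-memory stand-in for the submission store."""

    def __init__(self) -> None:
        self._first_seen: dict[tuple, int] = {}

    def submit(self, sub_id: int, vuln_type: str, url: str, param: str, method: str = "GET") -> str:
        """Return 'accepted', 'duplicate of <id>' or 'rejected: url shortener'."""
        if vuln_type.strip().lower() == "open redirect" and is_shortener(url):
            return "rejected: url shortener"
        key = submission_key(vuln_type, url, param, method)
        first = self._first_seen.setdefault(key, sub_id)
        return "accepted" if first == sub_id else f"duplicate of {first}"


def demo() -> list[str]:
    """Constructed submissions mirroring the cases discussed in the thread."""
    idx = SubmissionIndex()
    return [
        idx.submit(1, "XSS", "https://www.example.com/search?q=%3Csvg%2Fonload%3Dalert(1)%3E", "q"),
        # same parameter on the same endpoint, re-sent via POST with a trailing slash on the path
        idx.submit(2, "xss", "https://example.com/search/", "q", method="POST"),
        idx.submit(3, "open redirect", "https://example.com/redir?url=https://xssposed.org/", "url"),
        # identical endpoint and parameter; only the redirect target lost its trailing slash
        idx.submit(4, "open redirect", "https://example.com/redir?url=https://xssposed.org", "url"),
        # a shortener doing what shorteners do is not an open redirect in the target site
        idx.submit(5, "open redirect", "https://bit.ly/abc123", "-"),
    ]


if __name__ == "__main__":
    for line in demo():
        print(line)
```

The key ignores the injected value and the redirect target entirely: two reports of `url=` on `/redir` describe the same bug whether the target ends in a slash or not, so there is nothing left for a trailing-slash variant to slip past. Dropping the HTTP method is the change the admin describes above; it assumes that the same parameter name on the same endpoint is one finding however it is delivered, which matches the thread's intent but would merge a GET-only and a POST-only sink if a site ever had both distinct bugs.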


Re: Submitting Same Vulnerabilities?

Post by x1admin » Tue Dec 22, 2015 2:00 pm

deleted


Re: Submitting Same Vulnerabilities?

Post by Spam404Online » Tue Dec 22, 2015 6:19 pm

Thanks!

More for deletion -

Using HTTP POST data -
https://www.xssposed.org/incidents/118085/
https://www.xssposed.org/incidents/118084/
https://www.xssposed.org/incidents/118082/
https://www.xssposed.org/incidents/118075/
https://www.xssposed.org/incidents/118071/
https://www.xssposed.org/incidents/118069/
https://www.xssposed.org/incidents/118065/
https://www.xssposed.org/incidents/118061/
https://www.xssposed.org/incidents/118059/
https://www.xssposed.org/incidents/118058/
https://www.xssposed.org/incidents/118057/
https://www.xssposed.org/incidents/118056/
https://www.xssposed.org/incidents/118055/
https://www.xssposed.org/incidents/118054/
https://www.xssposed.org/incidents/118052/
https://www.xssposed.org/incidents/118051/
https://www.xssposed.org/incidents/118050/
https://www.xssposed.org/incidents/117649/
https://www.xssposed.org/incidents/117648/
https://www.xssposed.org/incidents/117647/
https://www.xssposed.org/incidents/117646/
https://www.xssposed.org/incidents/117645/
https://www.xssposed.org/incidents/117643/
https://www.xssposed.org/incidents/117642/
https://www.xssposed.org/incidents/117639/
https://www.xssposed.org/incidents/117638/
https://www.xssposed.org/incidents/117637/
https://www.xssposed.org/incidents/117634/
https://www.xssposed.org/incidents/117633/
https://www.xssposed.org/incidents/117629/
https://www.xssposed.org/incidents/117622/
https://www.xssposed.org/incidents/117620/
https://www.xssposed.org/incidents/117619/
https://www.xssposed.org/incidents/117617/
https://www.xssposed.org/incidents/117616/
https://www.xssposed.org/incidents/117615/
https://www.xssposed.org/incidents/117614/
https://www.xssposed.org/incidents/117613/
https://www.xssposed.org/incidents/117611/
https://www.xssposed.org/incidents/117610/
https://www.xssposed.org/incidents/117608/
https://www.xssposed.org/incidents/117607/
https://www.xssposed.org/incidents/117606/
https://www.xssposed.org/incidents/117605/
https://www.xssposed.org/incidents/117604/
https://www.xssposed.org/incidents/117602/
https://www.xssposed.org/incidents/117601/
https://www.xssposed.org/incidents/117599/
https://www.xssposed.org/incidents/117597/
https://www.xssposed.org/incidents/117595/
https://www.xssposed.org/incidents/119124/

URL Shorteners -
https://www.xssposed.org/incidents/118594/
https://www.xssposed.org/incidents/82076/
https://www.xssposed.org/incidents/63884/
https://www.xssposed.org/incidents/118595/
https://www.xssposed.org/incidents/48810/
https://www.xssposed.org/incidents/82080/
https://www.xssposed.org/incidents/118593/
https://www.xssposed.org/incidents/118592/
https://www.xssposed.org/incidents/118585/
https://www.xssposed.org/incidents/118584/
https://www.xssposed.org/incidents/118583/
https://www.xssposed.org/incidents/48996/
https://www.xssposed.org/incidents/48971/
https://www.xssposed.org/incidents/82083/
https://www.xssposed.org/incidents/82085/
https://www.xssposed.org/incidents/82065/
