One can send message to anyone using ‘@‘ from any given account in Twitter platform. But this arrangement is challenged by a security bug. Security researcher who goes by alias ‘Kedrisch’ reported this bug to the twitter through Twitter’s bug bounty program run by Hackerone.
“The reporter discovered a flaw in the handling of Twitter Ads Studio requests which allowed an attacker to tweet as any user,” the Hackerone bug report states. “By sharing media with a victim user and then modifying the post request with the victim’s account ID, the media in question would be posted from the victim’s account.”
Kedrisch also provided detailed writeup on the flaw and the steps to discover the vulnerability. The process involves intercepting the owner_id and user_id parameters and using it as a part of the GET and POST actions.
The bug allowed hackers to publish post through any user. Twitter mentioned that the vulnerability was not exploited.
“As former appsec tech lead for twitter, I’ll just say I’m not shocked this was in code from the ads team,” security researcher Charlie Miller wrote in a Twitter message.
Miller has won the famous Pwn2own hacking competition. He is also one who hacked iPhone first time.
Miller responded to one of his team mate, “if a team is responsible for the vast majority of security issues, maybe they should feel not awesome?”
Twitter awarded Kedrisch with $7,560 for the disclosure of the bug. Kedrisch has also disclosed the bug in the twitter platform in December 2016. He got $1,120 for a low severity bug. The ethical hacker also got $1,260 in Oct 2016 for reporting disclosure flaw in the publish.twitter.com. This particular bug was rated as medium security issue.
Kedrisch received three other bounties totaling $1,540 which was not publicly disclosed.
____________________________________________________________________________________________
The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.