Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Live Chat Blog #1 - Misconfigured User Auth Leads to Customer Messages- 1522

Rojan Rijal - Ophion Security - Posted 1 Year Ago
  • Chatbots on websites are becoming more and more popular. They usually come in three flavors: a GenAI bot fed customer data to answer questions, a simple FAQ on internal and external information, and a live agent chat. Most of these are provided by a service provider rather than built in-house.
  • The service provider of a Live Chat system requires some sort of authentication, naturally. The article has a nice diagram for it. At a high level, the integrating organization's backend generates an HMAC digest over the user identifier. This hash is communicated to the live chat agent backend, allowing the user to make requests.
  • They tested various organizations' integrations with the Live Chat platforms. In one of the integrating organizations, they found a signing oracle: the email in the cookies was used as the input without any check that the user owned the account. Since an authentication token was created, they could view the chat logs.
  • A fairly simple vulnerability, but it required understanding the integration of complex parts, which makes it more interesting.
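
The signing-oracle pattern summarized above, next to a hardened version, as an added example that is not code from the original article or from the affected organization. The secret, session store, cookie names and function names are constructed assumptions, and HMAC-SHA256 over the email is assumed because the summary does not name the exact scheme.

```python
import hashlib
import hmac

# Constructed values for illustration only.
CHAT_SECRET = b"constructed-shared-secret"  # shared with the chat provider
SESSIONS = {  # server-side session store: session id -> verified email
    "sess-alice": "alice@example.com",
    "sess-bob": "bob@example.com",
}


def sign_identity(email: str) -> str:
    """Digest the chat provider checks before serving a user's chat history."""
    return hmac.new(CHAT_SECRET, email.encode(), hashlib.sha256).hexdigest()


def provider_accepts(email: str, token: str) -> bool:
    """Provider-side verification, using a constant-time comparison."""
    return hmac.compare_digest(sign_identity(email), token)


def issue_token_vulnerable(cookies: dict) -> str:
    # Flaw: signs whatever email the client put in its cookie, with no
    # ownership check. The endpoint becomes a signing oracle.
    return sign_identity(cookies["email"])


def issue_token_hardened(cookies: dict) -> str:
    # Identity is taken from the authenticated server-side session,
    # never from a client-controlled value.
    email = SESSIONS.get(cookies.get("session_id", ""))
    if email is None:
        raise PermissionError("no authenticated session")
    claimed = cookies.get("email")
    if claimed is not None and claimed != email:
        # Mismatch is worth logging: it is the signal of cookie tampering.
        raise PermissionError("email cookie does not match session owner")
    return sign_identity(email)
```

A mismatch between the cookie email and the session owner is also a useful detection point: logging it surfaces tampering attempts against the token endpoint.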