Paypal Mobile Verification And Payment Restrictions Bypass

In this post, i would like to share a very simple logic flaw I found earlier this year I have found a way to circumvent mobile verification by utilizing a different portal for logging into a paypal account. The flaw lies in the fact that paypal does not perform two step verification/authorization checks on all different portals that are used to log into a paypal account. Ideally, there should be a centralized authentication mechanism to authenticate the user or else additional authorization checks have to be applied to all different portals that are used to log into paypal ccount.

Tags: 3 Comments

How to Spy on Text Messages

It seems that in recent years most of society, especially the younger generations, have turned to texting as their preferred mode of conversation. The infinite ability to communicate with other people around the world effortlessly has become a growing concern for parents and employers alike who wish to 'keep an eye on', or monitor, their children or employees. In this post we will discuss the methods and implications of text message spying.

Tags: , 2 Comments

Android Browser All Versions - Address Bar Spoofing Vulnerability - CVE-2015-3830


Google security team themselves state that "We recognize that the address bar is the only reliable security indicator in modern browsers" and if the only reliable security indicator could be controlled by an attacker it could carry adverse affects, For instance potentially tricking users into supplying sensitive information to a malicious website due to the fact that it could easily lead the users to believe that they are visiting is legitimate website as the address bar points to the correct website.  


Sucuri WAF XSS Filter Bypass


Sucuri Cloud Proxy is a very well known WAF capable of preventing DOS, SQL Injection, XSS and malware detection and prevention. It acts as a reverse proxy which means that all the traffic sent to an application behind Sucuri WAF would be first sent to Sucuri's network which (based upon it's signature database) would check if a particular request is legitimate or not, if it's legitimate it would let it reach the application otherwise it would blocked.

Due to the fact that Sucuri's Cloud proxy utilizes a Blacklist based protection to prevent application layer attacks, it caught my interest as it has been proven time after time that blacklist based protection is insufficient when attempting to block application layer attacks specifically Cross site scripting, as there are countless ways javaScript could be encoded/represented to bypass the protection and thereby it's very difficult to construct a filter that is capable of blocking all possible combinations while yielding minimum false positives. An example would be Mod Security, they have a Strong XSS filter, However it generates a lot of false positives and in most cases it blocks normal/harmless text.


How To Hack A Mobile Application? - Video Series

In today’s world, new mobile innovations have changed the way we bank, shop, play, and communicate. This increased demand for mobile innovation is placing pressure on organizations and developers to get applications to market, quickly.

Often times this focus on feature functionality rather than application security can result in an app becoming vulnerable to malicious attacks. This lack of mobile application protection provides mobile hackers an entirely new way to exploit applications. Among the most exploitable areas for hackers to target, is the binary code of the mobile application. Binary code is the code you download from a mobile app store and is what the machine reads to execute an application. There are a number of ways “black hats” seek to exploit binary-based vulnerabilities in order to compromise applications. 


CSP 2015 Capture The Flag Writeup

On 11th April Giuseppe Trotta and myself organized a CTF (Capture The Flag) competition for Cyber Secure Pakistan (A conference that combines all the stakeholders). The challenge was hosted on and contained 9 different challenges, some challenges itself contained sub-challenges. Overall, we received great feedback from vast majority of participants. No one was able to solve all the challenges within the given time frame, however a day or two we noticed that a team of "Sajjad" and "MakMan" was able to solve the challenge, and they were kind enough to do the writeup for the challenge, so over to Sajjad for the writeup.


Blog Archive


Recent Comments


Rafay Baloch is an Independent security researcher, Internet marketer, Entrepreneur and a SEO consultant, He is the founder of RHA blog and multiple other blogs. Rafay got famous after finding a Remote Code Execution bug inside PayPal for which PayPal awarded him a sum of 10,000$ Read More..

Join In!

RHA © 2013. All Rights Reserved.