Ask HN: Endpoint Security Question
2 points by takklz on April 2, 2020 | hide | past | favorite | 2 comments
Random question that perhaps someone could shed some light on.

My buddy and I are having an argument regarding one of our pages. The page is for unsubscribing from emails. Simple enough, the endpoint looks like this:

Blah blah.com/emailpref?email=test@test.com

This takes them to a page saying: “Thanks, John for visiting your email preferences page”.

From there they manage their email preferences.

I told him that this is a super insecure design, and theoretically someone could brute force usernames and emails from this.

Am I overreacting? What am I missing here?



Pentester here. Absolutely something I would look at and abuse. You're disclosing information, allowing the harvesting of valid email addresses, and allowing access to an account, even if only in a limited capacity for email management, based only on the email. There's no reason to do it this way.

See here: https://portswigger.net/web-security/access-control/idor
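An added Python example, not from the thread or from PortSwigger, contrasting the design described above (a handler that trusts whatever email is in the query string and answers differently for unknown addresses) with a hardened version that only honours a server-minted, HMAC-signed, expiring link and gives one generic reply for any failure. The subscriber table, `SECRET`, `TOKEN_TTL` and the example.com URL are assumptions.

```python
import hmac
import hashlib
from urllib.parse import parse_qs, urlencode, urlparse

# Constructed sample data: the only subscriber in this toy store.
SUBSCRIBERS = {"test@test.com": {"name": "John", "marketing": True}}
SECRET = b"server-side-secret-rotate-me"  # assumption: would be loaded from config
TOKEN_TTL = 7 * 24 * 3600                 # assumption: links stay valid for one week
GENERIC = "This link is invalid or has expired"


def vulnerable_emailpref(url: str) -> str:
    """Mirrors the thread's design: the email in the query string is trusted as-is."""
    email = parse_qs(urlparse(url).query).get("email", [""])[0]
    sub = SUBSCRIBERS.get(email)
    if sub is None:
        return "No such subscriber"  # oracle: tells the caller which addresses exist
    return f"Thanks, {sub['name']} for visiting your email preferences page"


def make_pref_link(email: str, now: int) -> str:
    """Mint a per-recipient link whose token binds the email to an expiry with an HMAC."""
    exp = now + TOKEN_TTL
    sig = hmac.new(SECRET, f"{email}|{exp}".encode(), hashlib.sha256).hexdigest()
    return "https://example.com/emailpref?" + urlencode(
        {"email": email, "exp": exp, "sig": sig}
    )


def hardened_emailpref(url: str, now: int) -> str:
    """Only a link the server minted, and which has not expired, reaches the page."""
    q = parse_qs(urlparse(url).query)
    email, exp, sig = (q.get(k, [""])[0] for k in ("email", "exp", "sig"))
    expected = hmac.new(SECRET, f"{email}|{exp}".encode(), hashlib.sha256).hexdigest()
    # Constant-time compare, and the same reply for a bad signature, an expired
    # token or an unknown address, so the response cannot be used to enumerate.
    if not exp.isdigit() or int(exp) < now or not hmac.compare_digest(expected, sig):
        return GENERIC
    sub = SUBSCRIBERS.get(email)
    if sub is None:
        return GENERIC
    return f"Thanks, {sub['name']} for visiting your email preferences page"
```

Because the signature covers both the address and the expiry, swapping the email in a captured link or extending its lifetime invalidates it, and guessing addresses against the endpoint yields no signal.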


Thank you so much for the reply!!

