An independent researcher named Kedrisec had disclosed a Twitter vulnerability that could have allowed attackers to tweet from random accounts. The vulnerability was brought to the notice of Twitter on February 26, 2017. The report submitted by the security researcher contained a detailed description of how one could exploit certain vulnerabilities found in the Twitter Ads Studio.
The Twitter Ads Studio is a platform which allows advertisers to post media related to their products and services. According to the timeline posted on hackerone, the security researcher kedrisch was rewarded $7,560 a week after he disclosed the vulnerability.
The summary of vulnerability which was published by Twitter stated:
The reporter discovered a flaw in the handling of Twitter Ads Studio requests which allowed an attacker to tweet as any user. By sharing media with a victim user and then modifying the post request with the victim's account ID the media in question would be posted from the victim's account. This bug was patched immediately after being triaged and no evidence was found of the flaw being exploited by anyone other than the reporter.
So, basically in layman terms, the codes that is sent to Twitter when a user tweets is intercepted and tweaked to tweet from the account of the targeted entity. This is a case of significant authentication bypass where the attacker is able to tweet from anybody’s account without stealing the username and password of the target user.
Security researcher kedrisch has published the proof of concept on his blog which can be read here.
Don’t leave yourself exposed. Find your vulnerabilities before cybercriminals do. Contact us for Vulnerability Assessment and Penetration Testing.