Boursorama is the French leader in stock market information. This financial site is dedicated to providing the most up-to-the-minute stock quotes from France and from other international markets. The stock information is provided by multiple company databases (balances, forecasts, news) and by market commentaries 24 hours a day. Boursorama offers personalized services including email, budget management, and forums. These services are based on login/password authentication, with the credentials stored in a cookie. The login and password are stored in clear text.
Credit:
The information has been provided by Eyrill / Securiteinfo.com.
This is part of the Boursorama cookie:
*
log
my_login
boursorama.com/
0
1777520896b
29827774
2580969488
29460647
*
pass
my_password
boursorama.com/
In this example, my_login and my_password are the login and password in clear text. Retrieving the cookie is possible for anyone with access to the cookies.txt file or in a position to mount a man-in-the-middle attack, and several browser vulnerabilities also allow remote sites to retrieve cookies that were not planted by them. This enables malicious web site operators to 'steal' the Boursorama cookie, effectively retrieving the username and password.
Exploit:
An exploit has been written in Visual Basic and can be downloaded at:
http://www.securiteinfo.com/download/boursorama.zip. This program searches the disk drive for the cookie and, if it is found, prints the login and password on the screen.
Solution:
The solution is to use strong cryptography to encrypt the login and password stored in the cookie. The vendor has been informed and has fixed the problem.
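The following is an added example, not code from the advisory or from Boursorama, covering both the weakness described above (credentials written into the cookie in clear text) and the fix. It goes beyond the page's stated solution: rather than encrypting the login and password inside the cookie, it keeps the credentials off the client entirely and hands the browser an opaque random session token, so a stolen cookie file, a sniffed connection or a cookie-leaking browser bug yields a revocable, expiring token rather than the account password. The `SessionStore` class, the in-memory store and the cookie name `session` are assumptions made for illustration.

```python
"""
Added example (not the advisory's or Boursorama's own code): the cookie
pattern the advisory describes beside a server-side session design that
never places login or password in the cookie. The store, class and
cookie name are assumptions for illustration.
"""
import hashlib
import secrets
import time
from http.cookies import SimpleCookie
from typing import Dict, Optional, Tuple


def credential_cookie(login: str, password: str) -> str:
    """The weak pattern from the advisory: login and password are written
    into the cookie in clear text, so anyone who reads the cookie file,
    sniffs the connection or steals the cookie holds the account."""
    return f"log={login}; pass={password}"


class SessionStore:
    """Server-side session store (constructed, in-memory). The browser only
    ever receives a random token; the store keeps a SHA-256 digest of it,
    so even a leaked store does not hand out usable tokens."""

    def __init__(self, ttl_seconds: int = 3600) -> None:
        self.ttl = ttl_seconds
        # digest(token) -> (login, expiry timestamp)
        self._sessions: Dict[str, Tuple[str, float]] = {}

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode("ascii")).hexdigest()

    def issue(self, login: str, now: Optional[float] = None) -> str:
        """Create a session for an already-authenticated user and return the
        token to place in the cookie. 32 random bytes make guessing
        infeasible, and the token carries no information about the
        login or the password."""
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)
        self._sessions[self._digest(token)] = (login, now + self.ttl)
        return token

    def resolve(self, token: str, now: Optional[float] = None) -> Optional[str]:
        """Map a presented token back to its login, or None if it is unknown,
        tampered with or expired. Lookup is by digest, so the value compared
        in the dictionary is a hash the client cannot shape byte by byte."""
        now = time.time() if now is None else now
        entry = self._sessions.get(self._digest(token))
        if entry is None:
            return None
        login, expires = entry
        if now > expires:
            # Expired sessions are dropped so the token cannot be replayed later.
            del self._sessions[self._digest(token)]
            return None
        return login

    def revoke(self, token: str) -> None:
        """Log out: a stolen token stops working as soon as it is revoked,
        which a password stored in a cookie can never offer."""
        self._sessions.pop(self._digest(token), None)


def session_cookie_header(token: str) -> str:
    """Build the Set-Cookie header for the session token. Secure keeps the
    cookie off plain HTTP (the man-in-the-middle case), HttpOnly keeps it
    away from page scripts, and SameSite limits cross-site sending."""
    cookie = SimpleCookie()
    cookie["session"] = token
    cookie["session"]["secure"] = True
    cookie["session"]["httponly"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie.output(header="Set-Cookie:")


if __name__ == "__main__":
    # Constructed sample credentials, matching the names used in the advisory.
    print("weak:", credential_cookie("my_login", "my_password"))
    store = SessionStore(ttl_seconds=3600)
    tok = store.issue("my_login")
    print("hardened:", session_cookie_header(tok))
    print("resolves to:", store.resolve(tok))
    store.revoke(tok)
    print("after revoke:", store.resolve(tok))
```

Run stand-alone, the script prints the clear-text cookie beside the hardened Set-Cookie header; note that the header contains neither the login nor the password, and that revoking or expiring the session invalidates the cookie without the user changing a password.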