Joining any class without the teacher’s invitation in Khan Academy
2021-08-11 05:18:00 Author: infosecwriteups.com (view original) Views: 27

Renganathan

Hi There,

Renganathan here.

Khan Academy VDP

This write-up is about a vulnerability that I found on khanacademy.org. Khan Academy has a VDP on HackerOne.

There is a virtual classroom feature that is, I guess, somewhat similar to Google Classroom :)

I started by testing for a few vulnerabilities like privilege escalation from student to teacher, and unfortunately I couldn't get one :/

So I was testing the class-joining functionality and found that the class links looked like:

khanacademy.org/join/A1B95FG6

I tested for IDOR by looking for similar class codes, but the chance of guessing a correct code was very low and most of the requests returned a 404 :(

So, to make things easy, I used the Google dork below to enumerate the class codes:

site:khanacademy.org/join/*

So I was able to enumerate all the classes, and I joined one class :) as shown in the PoC:
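The two halves of the story above, enumerating class codes from indexed join links and what a join endpoint should do instead of trusting a short, indexable code, as an added Python example. This is not the author's code and not Khan Academy's implementation: the search results page, the class codes in it and the invite tokens are all constructed, and the hardened handler is an assumed design.

```python
"""Offline reproduction of the enumeration technique and its fix.

Hypothetical example code; nothing here is Khan Academy's implementation.
"""
from __future__ import annotations

import re
import secrets
from html.parser import HTMLParser

# Join links in the write-up look like khanacademy.org/join/A1B95FG6:
# an 8-character upper-case alphanumeric code.
JOIN_CODE_RE = re.compile(r"https?://(?:www\.)?khanacademy\.org/join/([A-Z0-9]{8})\b")

# Constructed stand-in for a `site:khanacademy.org/join/*` results page.
# The codes are made up; one appears twice and one is malformed on purpose.
SAMPLE_RESULTS_HTML = """
<html><body>
<a href="https://www.khanacademy.org/join/A1B95FG6">Join Ms. X's class</a>
<a href="https://khanacademy.org/join/ZZ7Q2P0K">Algebra 1, period 3</a>
<a href="https://www.khanacademy.org/join/A1B95FG6?hl=en">Join Ms. X's class (dup)</a>
<a href="https://www.khanacademy.org/join/notacode">bad link</a>
<a href="https://www.khanacademy.org/profile/someone">unrelated</a>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect every <a href=...> value from a page."""

    def __init__(self) -> None:
        super().__init__()
        self.hrefs: list[str] = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def extract_join_codes(html: str) -> list[str]:
    """Return the unique, well-formed class codes linked from a results page,
    in first-seen order. This is what the Google dork hands an attacker."""
    parser = _LinkCollector()
    parser.feed(html)
    codes: list[str] = []
    for href in parser.hrefs:
        m = JOIN_CODE_RE.match(href)
        if m and m.group(1) not in codes:
            codes.append(m.group(1))
    return codes


def expected_guesses(alphabet_size: int, code_len: int, live_classes: int) -> float:
    """Expected number of random guesses before hitting one live class code.
    This is why blind IDOR-style guessing mostly produced 404s: the keyspace
    is large and the live codes are sparse in it."""
    return (alphabet_size ** code_len) / live_classes


def new_join_token() -> str:
    """Unguessable invite token (24 random bytes, 32 url-safe characters).
    Long enough that enumeration by guessing is hopeless even if the
    number of live classes is large."""
    return secrets.token_urlsafe(24)


def handle_join(path: str, invites: dict[str, str]) -> tuple[int, dict[str, str], str]:
    """Hardened join handler (assumed design).

    - the join page carries X-Robots-Tag: noindex so search engines never
      index invite links, which removes the dork as an enumeration channel;
    - unknown tokens get the same 404 whether or not a class exists;
    - `invites` maps token -> class id and stands in for a database.
    """
    headers = {"X-Robots-Tag": "noindex, nofollow", "Cache-Control": "no-store"}
    m = re.fullmatch(r"/join/([A-Za-z0-9_-]{32})", path)
    if not m:
        return 404, headers, "not found"
    class_id = invites.get(m.group(1))
    if class_id is None:
        return 404, headers, "not found"
    return 200, headers, f"joined {class_id}"


if __name__ == "__main__":
    print("codes found:", extract_join_codes(SAMPLE_RESULTS_HTML))
    print("guesses needed (36^8 keyspace, 10k live classes):",
          f"{expected_guesses(36, 8, 10_000):.0f}")
    tok = new_join_token()
    print(handle_join(f"/join/{tok}", {tok: "algebra-1"}))
    print(handle_join("/join/A1B95FG6", {tok: "algebra-1"}))
```

The noindex header is the part that would have closed this particular report; the long token is what keeps the join link from being guessable once the search-engine channel is gone. A teacher-side approval step (pending roster entries) is the remaining control if join links are expected to leak anyway.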

Resolved

Thanks for reading :)
Stay Safe.

https://www.instagram.com/renganathanofficial/

InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium.

Written by Renganathan

16 | Founder of R Protocols | Security Researcher | LinkedIn, Canva, United Nations, Medium, BYJU’s & 10+ companies. https://linktr.ee/renganathan



Source: https://infosecwriteups.com/joining-any-class-without-the-teachers-invitation-in-khan-academy-25b0855a56c1?source=rss----7b722bfd1b8d--bug_bounty