Posts

Quick internet sharing - Laptop to mobile

Hey all,

If you want to share your laptop's internet connection with your mobile device without using any third-party tool, and in just a couple of steps, yeah, very quickly ;), then follow the steps given below.

Step 1. Open Command Prompt as an Administrator.

Step 2. Enter the commands given below.

Command 1.
    netsh wlan set hostednetwork mode=allow ssid=abcd key=[10 Digit Key]

Note: ssid can be any name; it will be displayed as the Wi-Fi network name. Key can be any 10-digit number, for example 0000000000.

Command 2.
    netsh wlan start hostednetwork

Step 3. Go to the properties of your Local Area Connection which is connected to the Internet. Then click on the Sharing tab and select the check box under "Internet connection sharing". Now select the network which we created using the commands [here, abcd]. Click OK.

Done ;) Now you can join the Wi-Fi internet from your mobile device.

Cross Site Scripting ( XSS - Stored ) vulnerability in vBulletin SEO Plugin vBSEO

Exploit Title: Cross Site Scripting (XSS - Stored) vulnerability in vBulletin SEO Plugin vBSEO.
Found By: Yogesh Jaygadkar | http://www.jaygadkar.com/
Tested versions: vBSEO 3.2.0 & vBSEO 3.6.0
Tested with: vBulletin 4.0.6 & vBulletin 4.2.1
Vulnerable POST Parameter: sendtrackbacks

vBSEO Plugin for vBulletin contains a flaw that allows a stored cross-site scripting (XSS) attack. This flaw exists because the application does not validate the 'sendtrackbacks' parameter upon submission to the /forum/newreply.php & /forum/newthread.php scripts. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

POC:
http://www.VictimVBForum.com/forum/newreply.php?do=postreply&t=[Thread ID]
http://www.VictimVBForum.com/forum/newthread.php?do=newthread&f =

In Advanced Reply Or New Thread page, Put your ">vec...

PayPal : User Credit Card Information Disclosure

Okay... So, here is another old & duplicate bug from PayPal, which I reported looooong back.

I have found some strange results from api-3t.sandbox.paypal.com. This subdomain is storing all credit card information of PayPal users in the URL. Below is the Google dork for finding such "stored" CC details.

Google Dork: site:sandbox.paypal.com inurl:CVV2=

Google results are not many, nearly 80, but still harmful as sensitive user information is getting leaked.

Listed in Barracuda Networks Hall of Fame

Listed in Barracuda Networks Security - Hall of Fame.

Found multiple vulnerabilities in Barracuda security products. Bugs are still not patched. I'll update the POC once all bugs get patched.

Thanks :)

Listed in Google Hall Of Fame

After 2 continuous duplicate bugs & 2 rejections, Google accepted my 3 bugs... 1 bug is fixed, 2 more in a row :D

The 1st bug did not qualify for a reward, so they listed me on their Google Hall of Fame - distinction. But soon I'll be on the Reward Recipients page ;)

So, finally I am listed in the Google Hall Of Fame. I'll update the POC once all bugs get patched.

SQL Injection Vulnerability in ebay sub domains

Title: SQL Injection Vulnerability in www.ebay.com sub domains
Author: Yogesh D Jaygadkar
Reported: December 27, 2012
Fixed: Jan 15, 2013
Public Released: Jan 25, 2013
Thanks To: Darshit Ashara
Greets: Rahul Bro, Aasim, Sandeep, Sagar

Description:
Last month I reported SQL Injection vulnerabilities in www.ebay.com sub domains. You can see how many days they took for patching & allowing me to publish the vulnerability. But finally they fixed it & listed me in their Researchers Acknowledgement Page. Like every other bounty hunter, I was also searching for some vulnerability in eBay. At that time I had no idea that eBay doesn't give a bounty for any vulnerability. Not even for SQL Injection. :)

POC:
Sub Domains: http://sea.ebay.com & http://export.ebay.co.th/
Page:
http://sea.ebay.com/searchAnnoucement.php
http://export.ebay.co.th/searchAnnoucement.php
Vulnerable Parameter: "checkbox" Array POST parameter.

Search opt...

Password Reset Vulnerability in etsy.com

Title: Password Reset Vulnerability in etsy.com
Vuln URL: https://www.etsy.com/confirm.php?email=
Author: Yogesh D Jaygadkar
Reported: December 30, 2012
Fixed: December 30, 2012
Public Released: Jan 08, 2013

Description:
In etsy.com, when users reset their password, they receive a password reset link like the one below.

https://www.etsy.com/confirm.php?email=[User Email ID]&code=[Token code]&action=reset_password&utm_source=account&utm_medium=trans_email&utm_campaign=forgot_password_1

When I received this mail, I started playing with this link. I noticed that the token is not getting validated on the server side. So I removed it & tested with my own ID.

Final POC:
https://www.etsy.com/confirm.php?email=[victim user's email ID]&action=reset_password&utm_source=account&utm_medium=trans_email&utm_campaign=forgot_password_1

And the password changed successfully. ...
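The missing server-side check described above, as an added example (not Etsy's code and not from the original post): the first handler models one way such a flaw can arise, by validating the `code` parameter only when it is supplied, and the second requires a stored, unexpired, single-use token compared in constant time. The function names, the in-memory token store and the 30-minute lifetime are assumptions for illustration.

```python
import hashlib
import hmac
import secrets
import time

TOKEN_TTL = 30 * 60  # assumed token lifetime, in seconds
_tokens = {}         # email -> (sha256 hex of token, expiry time); stand-in for a DB table


def issue_reset_token(email, now=None):
    """Create a random token, store only its hash, return the token for the e-mail link."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _tokens[email] = (hashlib.sha256(token.encode()).hexdigest(), now + TOKEN_TTL)
    return token


def _matches(email, code):
    """Constant-time comparison of the supplied token's hash with the stored hash."""
    record = _tokens.get(email)
    if record is None:
        return False
    digest = hashlib.sha256(code.encode()).hexdigest()
    return hmac.compare_digest(digest, record[0])


def confirm_reset_flawed(params):
    """Assumed model of the flaw: the token is checked only if the request carries one."""
    email, code = params.get("email"), params.get("code")
    if code is not None and not _matches(email, code):
        return False
    return email is not None  # a request with no code falls through and is accepted


def confirm_reset_hardened(params, now=None):
    """Accept only a present, matching, unexpired token, and consume it on success."""
    now = time.time() if now is None else now
    email, code = params.get("email"), params.get("code")
    if not email or not code:
        return False  # a missing token is a failure, never a bypass
    record = _tokens.get(email)
    if record is None or now > record[1] or not _matches(email, code):
        return False
    del _tokens[email]  # single use: the same link cannot be replayed
    return True
```
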

HTML Injection in Symantec.com

Title: HTML Injection in Symantec.com
Vuln URL: http://www.symantec.com/business/support/index?page=content&id=
Author: Yogesh D Jaygadkar
Reported: July 02, 2012
Fixed: July 03, 2013
Public Released: July 03, 2013
OS: Win7, Win XP, Ubuntu

Description:
HTML injection is a type of attack focused upon the way HTML content is generated and interpreted by browsers at the client side. So if an attacker embeds HTML/script tags such as <html>, <SCRIPT>, <OBJECT>, <APPLET>, or <EMBED> into a web site, the web browser's JavaScript engine will execute it.

While searching for some anti-virus related information, I found that the Symantec Antivirus official website is vulnerable to HTML Injection. An attacker can add HTML tags into the URL to execute HTML code on the website.

Listed in Microsoft's Security Researcher Page

Finally I'm listed in Security Researcher Acknowledgments for Microsoft Online Services. Thanks to Microsoft & especially Nate from Microsoft for the quick response. Thanks to all my friends.

MSN.com Vulnerable to XSS - Cross Site Scripting

Title: MSN.com Vulnerable to XSS - Cross Site Scripting
Script Link: http://investing.money.msn.com/investments/equity-historical-price/?PT=7&D4=1&DD=1&D5=0&DCS=2&MA0=0&MA1=0&CF=0 &>">/* Script Here */=1 &SZ=0&symbol=Asp&
Author: Yogesh Jaygadkar
Reported: Tuesday, May 01, 2012
Vulnerability Fix date: 22 May 2012
Public Release: 22 May 2012
Browser: FireFox, IE
OS: Win7, Ubuntu

Description:
XSS - Cross Site Scripting Vulnerability found in MSN.com. Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere. An attacker can use XSS to send a malici...