• Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
MUST READ

Allianz Life security breach impacted 1.1 million customers

 | 

U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

 | 

AI for Cybersecurity: Building Trust in Your Workflows

 | 

Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

 | 

New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

 | 

Cisco fixed maximum-severity security flaw in Secure Firewall Management Center

 | 

'Blue Locker' Ransomware Targeting Oil & Gas Sector in Pakistan

 | 

Hackers exploit Microsoft flaw to breach Canada ’s House of Commons

 | 

Norway confirms dam intrusion by Pro-Russian hackers

 | 

Zoom patches critical Windows flaw allowing privilege escalation

 | 

Manpower data breach impacted 144,180 individuals

 | 

U.S. CISA adds Microsoft Internet Explorer, Microsoft Office Excel, and WinRAR flaws to its Known Exploited Vulnerabilities catalog

 | 

Critical FortiSIEM flaw under active exploitation, Fortinet warns

 | 

Charon Ransomware targets Middle East with APT attack methods

 | 

Hackers leak 2.8M sensitive records from Allianz Life in Salesforce data breach

 | 

SAP fixed 26 flaws in August 2025 Update, including 4 Critical

 | 

August 2025 Patch Tuesday fixes a Windows Kerberos Zero-Day

 | 

Dutch NCSC: Citrix NetScaler zero-day breaches critical orgs

 | 

Chrome sandbox escape nets security researcher $250,000 reward

 | 

Smart Buses flaws expose vehicles to tracking, control, and spying

 | 
  • Home
  • Cyber Crime
  • Cyber warfare
  • APT
  • Data Breach
  • Deep Web
  • Digital ID
  • Hacking
  • Hacktivism
  • Intelligence
  • Internet of Things
  • Laws and regulations
  • Malware
  • Mobile
  • Reports
  • Security
  • Social Networks
  • Terrorism
  • ICS-SCADA
  • POLICIES
  • Contact me
  • Home
  • Hacking
  • Intelligence
  • Security
  • LinkedIN – Vulnerability in the authentication process and related risks

LinkedIN – Vulnerability in the authentication process and related risks

Pierluigi Paganini May 22, 2012

A serious vulnerability has been found in the authentication process of the popular network LinkedIN, the news published on the Spanish blog of the security expert Fernando A. Lagos Berardi. The article published reports that a vulnerability in LinkedIn allows obtaining user’s password.

For the authentication process LinkedIn adopts a token in login phase that can be used several times with different usernames and also using the same IP address. This behavior let suggest that the token is not verified after the first login, exposing the authentication process to brute force attack.

This attack is possible due to an error in validating of the security token (CSRF token) that allows to the attacker to send an unlimited number of requests using the same token for different users. The only secure mechanism implemented against the attack is a Captcha challenge-response test after a dozens of attempts.

The author of the article has proven the existence of the vulnerability following the procedure:

Step.1

First of all is necessary to retrieve a valid token during a successfully authentication to the LinkedIn platform, that is possible intercepting the POST request made and in particular the field “sourceAlias” and “csrfToken”. Login into your LinkedIn account and capture the “sourceAlias” and “csrfToken” variable (example: sourceAlias=0_7r5yezRXCiA_H0CRD8sf6DhOjTKUNps5xGTqeX8EEoi&csrfToken=ajax%3A6265303044444817496)

 

Step.2

Let’s note that it is not necessary to send these values ​​using POST request methods, it is possible to write a script to send login request using GET methods validating the answer and checking the password.

To try the procedure let’s use the Token to login into another account:

https://www.linkedin.com/uas/login-submit?csrfToken=ajax%3A6265303044444817496&session_key=somebody () somedomain.com&session_password=ANY_PASSWORD&session_redirect=&sourceAlias=0_7r5yezRXCiA_H0CRD8sf6DhOjTKUNps5xGTqeX8EEoi&source_app=&trk=secureless

where session_key is the username and session_password is the password.

Consider that the password (session_password) is not correct if the requested URL returns “The email address or password you provided does not match our records“, else the password if correct.

The script developed reads an input text file usable as dictionary to perform the attack.
The author of the attack have created a specific account using the email “panic@zerial.org” and for the hack has used a dictionary containing the following words:

asdfgh
zxcvbnm
1,234,567
0987654
12345698
456_4567
123456qwert
123456qwerty
12345qwei
112233

The hack successfully excecuted finding the correct password contained in the dictionary file. Following command for the script execution:

 

For reasons of time I had no way to prove the script that has been also proposed on the popular security site Seclists.org.

Demonstrated the vulnerability has to wonder what the real risks for the victims. On more than one occasion we discussed the possibility of carrying out intelligence operations across all major platforms for social networks.

Any vulnerability in this type of systems exposes users to risks of identity theft, a hacker could collect information about the victim using its profile for other purposes and attacks. In fact, using social engineering techniques on similar platforms with a “stolen” account an attacker can retrieve sensible information related any user.

In the specific case the aggravating is that the popular network is mainly used for the construction of networks of professionals, including agents of many Governments.

Pierluigi Paganini

References

Fernando A. Lagos Berardi, Seguridad Informatica
Blog: http://blog.zerial.org/seguridad/vulnerabilidad-en-linkedin-permite-obtencion-de-contrasenas/

facebook linkedin twitter

authentication process brute force attack Espionage Hackers Hacking Identity Theft Intelligence Large scale infiltration LinkedIn Social Engineering social networks vulnerability

you might also like

Pierluigi Paganini August 19, 2025
U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog
Read more
Pierluigi Paganini August 18, 2025
AI for Cybersecurity: Building Trust in Your Workflows
Read more

leave a comment

newsletter

Subscribe to my email list and stay
up-to-date!

    recent articles

    Allianz Life security breach impacted 1.1 million customers

    Data Breach / August 19, 2025

    U.S. CISA adds Trend Micro Apex One flaw to its Known Exploited Vulnerabilities catalog

    Hacking / August 19, 2025

    AI for Cybersecurity: Building Trust in Your Workflows

    Security / August 18, 2025

    Taiwan Web Infrastructure targeted by APT UAT-7237 with custom toolset

    APT / August 16, 2025

    New NFC-Driven Android Trojan PhantomCard targets Brazilian bank customers

    Malware / August 15, 2025

    To contact me write an email to:

    Pierluigi Paganini :
    pierluigi.paganini@securityaffairs.co

    LEARN MORE

    QUICK LINKS

    • Home
    • Cyber Crime
    • Cyber warfare
    • APT
    • Data Breach
    • Deep Web
    • Digital ID
    • Hacking
    • Hacktivism
    • Intelligence
    • Internet of Things
    • Laws and regulations
    • Malware
    • Mobile
    • Reports
    • Security
    • Social Networks
    • Terrorism
    • ICS-SCADA
    • POLICIES
    • Contact me

    Copyright@securityaffairs 2024

    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept All”, you consent to the use of ALL the cookies. However, you may visit "Cookie Settings" to provide a controlled consent.
    Cookie SettingsAccept All
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities...
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
    Non-necessary
    Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
    SAVE & ACCEPT