No Actual Daters Harmed in This Workout
Analysis by Alon Boxiner, Eran Vaknin
With more than 50 million users that are registered its launch, plus the bulk aged between 25 and 34, OkCupid the most popular dating platforms globally. Conceived in 2004 whenever four buddies from Harvard created initial free online dating service, it claims that more than 91 million connections are produced through it annually, 50K times made every week plus in 2012 it became the initial major dating internet site to generate a mobile software.
Dating apps enable a cushty, available and connection that is immediate other people making use of the software. By sharing individual choices in every area, and using the appвЂ™s algorithm that is sophisticated it gathers users to like-minded individuals who can instantly begin interacting via instant texting.
To produce each one of these connections, OkCupid develops personal pages for many its users, therefore it makes the match that is best, or matches, centered on each userвЂ™s valuable private information.
Needless to say, these step-by-step individual pages are not only of great interest to love that is potential. TheyвЂ™re also extremely prized by code hackers, as theyвЂ™re the вЂ™gold standardвЂ™ of data either for use in targeted attacks, or even for attempting to sell on with other hacking groups, while they allow assault tries to be extremely convincing to naive goals.
As our scientists have uncovered vulnerabilities various other popular social media marketing platforms and apps, we chose to check out the OkCupid application and see whenever we may find something that matched our passions. And we also discovered things that are several led us into a much much deeper relationship (solely expert, needless to say). OkCupidThe weaknesses we discovered and have now described in this research might have permitted attackers to:
Check always Point Research informed OkCupid developers about the weaknesses exposed in this research and an answer had been responsibly implemented to make sure its users can properly continue using the OkCupid software.
OkCupid added: вЂњNot a solitary individual had been influenced by the possible vulnerability on OkCupid, and then we had the ability to repair it within 48 hours. WeвЂ™re grateful to lovers like Checkpoint whom with OkCupid, place the privacy and safety of y our users first.вЂќ
Deep links allow attackersвЂ™ intents
While reverse engineering the OkCupid application, we discovered so it has вЂњdeep linksвЂќ functionality, to be able to invoke intents into the software using a web browser website link.
The intents that the application form listens to would be the schema, customized schema and lots of more schemas:
A custom can be sent by an attacker website website link which contains the schemas mentioned above. The mobile application will open a webview (browser) window вЂ“ OkCupid mobile application since the custom link will contain theвЂњsectionвЂќ parameter. Any demand shall be delivered aided by the usersвЂ™ snacks.
For demonstration purposes, we used the link that is following
Reflected Cross-Site Scripting (XSS)
As our research proceeded, we now have discovered that OkCupid primary domain, , is vulnerable to an XSS assault.
The injection point for the XSS assault ended up being based in the individual settings functionality.
Retrieving an individual profile settings is created utilizing an HTTP GET demand sent to the following path:
For the true purpose of demonstration, we now have popped a clear window that is alert. Note: even as we noted above, the mobile application is opening a WebView screen therefore the XSS is performed within the context of a authenticated individual utilising the OkCupid mobile application.
Fragile Data visibility & Performing actions on behalf of the target