Monday, December 9, 2019

Media deletion CSRF vulnerability on Instagram

  No comments

Media deletion CSRF vulnerability on Instagram

I noticed a copyright section has been added to instagram. whenever a user violated another person copyright, a notification will be shown to delete or request an appeal for the media.

After uploading a video containing a music I faced with copyright
It was interesting to me, so I started digging into it.

It was possible to delete media by a GET request

Vulnerable Endpoint:{MEDIA_ID}/copyright/dismiss_am/

The MEDIA_ID is a {story_id or post_id} that will be deleted

Opening the malicious link within the both Instagram app or web cause media deletion in the victim's account.

Android POC: Remove story CSRF in android

Web POC: Remove post CSRF in web

User could be tricked into deleting content they had posted on Instagram.

January 29, 2019 – Report Sent
January 29, 2019 – Triaged
January 30, 2019 - Permanent fix
February 14, 2019   $3,000 Bounty awarded

No comments :

Post a Comment