New eBay Password Security Flaw Found

New eBay Password Security Flaw Discovered – With a Smartphone and a free App

It was only in May last year that eBay suffered a massive data breach, which saw 145 million users’ details compromised and forced eBay to instruct all registered users to change their passwords.

But today this website can reveal such a glaring hole in eBay’s website security that we are surprised no one else has noticed it!  It is not on the same scale as the password hack of 2014, but it is something eBay really needs to fix!

In fact, it is such an obvious flaw that eBay must be aware of it; it just seems they still don’t take their users’ security that seriously.

So what do you need to exploit this flaw?  Years of hacking experience?  A Linux Box?  A Degree in computer science?


All you need is a Rooted Android device and a free app called zANTI.

zANTI is a mobile penetration testing toolkit. Similar to Intercepter-NG, it can perform Man-In-The-Middle (MITM) attacks, redirect users to another URL, replace images and, most importantly, has an SSL Strip function which redirects from HTTPS to HTTP.

The flaw we are discussing today lies in the HTTP-to-HTTPS transition.  So let’s dive straight in.


This exploit, as you will notice, has been exposed on the UK eBay site; it is unclear if this flaw affects the US site and other international eBay sites.

The eBay site, before a user logs in, is unencrypted, only using HTTP.


Now there are two ways in which a user is taken to the secure HTTPS sign in page.  The first is by clicking the ‘Sign in’ link in the top left hand corner of the screen and the second is by clicking on any of the options in the drop down menu ‘My eBay’.


When performing a MITM attack with zANTI using the ‘SSL Strip’ function, an eBay user who clicks the ‘Sign in’ link will still be taken to the HTTPS secure sign in page.


However, if they click any of the options from the ‘My eBay’ drop down menu, they will be taken to the non-secure HTTP sign in page while zANTI is performing a MITM attack on a target.

And herein lies the problem.  Because the entire eBay site does not use HTTPS, zANTI can redirect any user to the non-secure HTTP sign in page and capture the user’s eBay Username/email and password.

Here in the zANTI log you can see, highlighted in yellow, it has captured the password.

And there you have it: with just a (basic) rooted Android device, a free App and zero pen testing knowledge, we have captured the username (ebayuser123) and password (12345678) from one of the biggest websites in the world.  And one which is not exactly unversed in user security.

So the next time you are using a free WiFi hotspot, even one using WPA encryption, be aware that when you punch in your password, anyone who can use an App can potentially steal your login details.

Most sites like Facebook use secure HTTPS before you log in, so this exploit is ineffective. Maybe it is time eBay caught up!
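A site owner can check for this weakness on their own pages. The following is an added example, not part of the original article: a Python audit that follows each link from a pre-login page and flags sign-in paths where a request goes out over plain HTTP and relies on a redirect to reach HTTPS. The `shop.example` host, its paths and the `SITE` table are constructed assumptions standing in for captured responses.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample site (hypothetical host): URL -> (status, headers, body).
SITE = {
    "http://shop.example/": (200, {}, """
        <a href="https://signin.shop.example/login">Sign in</a>
        <a href="/my/summary">My account: Summary</a>"""),
    "http://shop.example/my/summary": (
        302, {"Location": "https://signin.shop.example/login"}, ""),
    "https://signin.shop.example/login": (
        200, {}, '<form method="post"><input type="password" name="pass"></form>'),
}

class Links(HTMLParser):
    """Collect the href of every anchor on a page."""
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hrefs.append(href)

def chain(url, site, limit=5):
    """Follow redirects offline and return the list of URLs visited."""
    hops = [url]
    while len(hops) <= limit:
        status, headers, _ = site[hops[-1]]
        if status not in (301, 302, 303, 307, 308):
            break
        hops.append(urljoin(hops[-1], headers["Location"]))
    return hops

def audit(start, site):
    """Flag sign-in paths that include a plaintext hop an on-path device can alter."""
    parser = Links()
    parser.feed(site[start][2])
    strippable, login_hsts = [], False
    for href in parser.hrefs:
        hops = chain(urljoin(start, href), site)
        _, headers, body = site[hops[-1]]
        if 'type="password"' not in body:
            continue  # this path does not end at a sign-in form
        login_hsts = any(k.lower() == "strict-transport-security" for k in headers)
        plaintext = [h for h in hops if urlsplit(h).scheme == "http"]
        if plaintext:
            strippable.append((href, plaintext))
    return {"page_is_http": urlsplit(start).scheme == "http",
            "login_hsts": login_hsts, "strippable_paths": strippable}
```

On the sample, only the menu link is reported, because its first request is plain HTTP and depends on a 302 to reach the HTTPS form. `page_is_http` being true means the page carrying both links is itself delivered without authentication, which is why serving the whole site over HTTPS with HSTS is the fix.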



48 Hours “Establish The Link!” Challenge

Paris To Berlin Hackathon



You might think… Why are we going to try to get network access for 48 hours? That sounds like no hackathon fun!

It would indeed… but that’s not what we’re talking about!

Ever heard of joyn (RCS) and WebRTC? Two simple APIs to connect your app and website users through chat, video call, file exchange…

That’s more like it! For 48 hours we’ll be creating amazing ways to “establish the link” using joyn or, why not, joyn and WebRTC… call it hack-a-chat-athon if you will!

The challenge is to get the other teams to use your solution by the end of the weekend!
Build amazing customer experiences from e-commerce to B2B services!

Chat windows for sales, face to face for training, screen and file exchange for support, from the web or from your phone! We want it all!
Get your users chatting, video calling, and swapping all within your app! Multi-player games, social networks, enterprise collaboration… You name it!

How does it work?

  1. Head down to the venue on Friday evening from 18:00 and join us with your team! Or meet team mates on the day as you wish!
  2. We’ll have a short session to learn everything there is to know about RCS and WebRTC from experts so that you can come up with great hacks…
  3. And… we kick off the 48 hours!! For 48 hours you can stay with us… eat, drink, code and hack…
  4. If you have great ideas we let you share them and build your team…
  5. And on Sunday at 3PM it’s demo time!! You know how that works… judges, fantastic prizes, applause, glory… oh and a bit of stress with the demo demons!!

Why is it called establish the link??? We’d like you to have the solutions working on real phones and on a real network … with a real person on the other side… It’s all about establishing the link!!

And we have loads of cool prizes!!

A trip to hype Berlin for Parisians or to sparky Paris for Berliners… that’s the whole team on tour! (hence the Paris to Berlin hackathon name!)
Droidcon tickets for London / Paris or Berlin…your choice!
Awesome Hardware
And the best applications will be demoed at the RCS Summit in Berlin in October!

Paris 27-29 September 2013, with Orange Partner

Berlin 18-20 October 2013, with Developer Garden

Enterprise developers, business guys, app and web developers, designers everyone’s welcome!!