SSL vulnerabilities related to configuration or version
Denial of Service (DoS). There is also rate-limiting functionality on our service that will kick in after an abusive number of requests is made. There is no need for you to test it, and it has different thresholds for different URLs (e.g. much lower for auth-related endpoints).
User enumeration
Password policies/2FA (we are not trying to build a bank here)
Brute forcing
Secure flag not set on non-sensitive cookies
HTTP Only flag not set on non-sensitive cookies
Logout Cross Site Request Forgery (CSRF)
Handling of CSRF token (it is tied to particular app session cookie)
HTTP access control (CORS)
Cookie showmax_oauth not having a Secure flag set
Certain services passing access_token in params
Issues only present in old browsers/old plugins/end-of-life software browsers
HTTP TRACE method enabled
Vulnerability reports related to the reported version numbers of web servers, services, or frameworks
Clickjacking on pages without authentication and/or sensitive state changes
Missing Content-Security-Policy (CSP)
Open ports for services on the servers (e.g. open SSH)
Reports related to password reset token handling, its immediate invalidation etc.
Vulnerability reports that require a large amount of user cooperation to perform unlikely or unreasonable actions which would be more symptomatic of a social engineering or phishing attack and not an application vulnerability (e.g. disabling browser security features, sending the attacker critical information to complete the attack, guiding the user through a particular flow and requiring them to enter malicious code themselves, etc.)
Any physical attempts against Showmax property or data centers
Social engineering (including phishing) of Showmax staff or contractors
Email routing related issues, such as SPF, DKIM or DMARC configuration
