LinkedIn Vulnerability allow Hacker to Compromise Victims System

The world's largest professional social network LinkedIn, which has more than 500 million users was suffering from a vulnerability that allows an attacker to bypass its security restrictions and compromise the user's system.

LinkedIn Messenger is one of the most used platforms that helps professional to share their skills, Messenger easily sends resumes, transfer academic research, and share job descriptions from the LinkedIn community.

The security flow implemented on LinkedIn Messenger, which checks the behavior of attached files before sending or uploading, could be bypassed just by changing the extension name of the malicious file.

How Vulnerability Works?
According to the checkpoint research, an attacker can easily upload the malicious PowerShell script into the LinkedIn messenger just by changing its extension to PDF. So, whenever you are uploading something, whether it is a certificate of achievement or a resume from a free resume builder, you have to check the links before uploading. 

This Vulnerability Allows attackers to upload any Malicious file into LinkedIn Messenger by Modifying the Extension of the Malicious file.

Below is the POC image of the POST request made to the server while uploading a malicious file.

In the above image, you can clearly see that LinkedIn Security Restriction will allow (Virus Not Detected) to upload the Malicious file because of Modifying the File Extension.

Finally Malicious File will be successfully uploaded without detection by the LinkedIn security restrictions and once the Victim clicks the file it will be triggered and successfully infect the victim’s Machine.

Video Demonstration
Read Also
Post a Comment