CoinEx Global Disclosed Report

Bug bounty report CoinEx Web & Mobile

Sensitive data exposed ( Valid Usernames & Passwords ) for users leaked in public at [ www.coinex.com ]

Created date: Jun 07 2024

Target: https://www.coinex.com/en/

Vulnerability Details

Overview of the Vulnerability

The vulnerability is about leaked and valid usernames and passwords for managers that can be found in public. I used the waymore tool to grep this sensitive data.

Validation steps

Steps to Reproduce

Using Waymore. You can get it using these steps:

git clone https://github.com/xnl-h4ck3r/waymore.git
cd waymore
sudo python setup.py install

Add your API keys in config.yml:

URLSCAN_API_KEY: 3613457b-3898-47f0-873c-5a9fb3feae9f
VIRUSTOTAL_API_KEY: b40c6b4cfd008d964acda7e3bcc79fb25e660f289dbef747fd4100653edd71da

After installing it and adding your API key, use this command:

python3 waymore.py -i www.coinex.com -mode U

(screenshot: 00.png)

Navigate to the results folder; you will find a txt file, waymore.txt. Use this command to grep the emails and passwords:

cat results/www.coinex.com/waymore.txt | grep "@"


(screenshot: 0.png)

Proof of Concept (PoC) at any URL that we get from the waymore tool, for example:

https://www.coinex.com/en/signin:[email protected]:Ikariam01

Navigate to https://www.coinex.com/en/signin?redirect=%2F and use the credentials we got (Email: [email protected], Password: Ikariam01).

(screenshot: 1.png)

(screenshot: 2.png)

You will find that the username and password are valid, but there is 2FA sent to the mobile number or email. I decided to stop testing and report the issue immediately, because one of the users' 2FA might not be active, and that might lead to bypassing the authentication; I leave the final decision to you. Thank you, have a nice day.
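Added example, not part of the original report: a small Python triage helper for a defender checking whether their own domain shows up in archived-URL dumps of the shape above (url:email:password and the url,id,password variant). It separates those lines from harmless ones that merely contain an "@" (which the plain grep also matches) and prints a redacted count per login path; the sample lines and example.com accounts are constructed, not real data.

```python
import re
from collections import Counter
from dataclasses import dataclass
from urllib.parse import urlsplit

# Constructed sample in the shape of waymore.txt from the report; no real accounts.
SAMPLE_LINES = """\
https://example.com/en/signin:alice@example.org:Hunter2Pass
https://example.com/register:bob@example.net:Qx7!pass@Ad
https://example.com/register,469073,Zz9%tmp
https://example.com/en/markets
https://example.com/api/v1/users?email=carol@example.org
"""

EMAIL = r"[^\s:,/@]+@[^\s:,/@]+\.[A-Za-z]{2,}"
# url:email:password -- the dominant shape in the dump
COLON_FORM = re.compile(rf"^(?P<url>https?://[^\s:]+):(?P<user>{EMAIL}):(?P<secret>\S+)$")
# url,id,password -- the comma-separated variant that also appeared
COMMA_FORM = re.compile(r"^(?P<url>https?://[^\s,:]+),(?P<user>[^\s,]+),(?P<secret>\S+)$")


@dataclass(frozen=True)
class Finding:
    url: str
    user: str
    secret: str

    @property
    def path(self) -> str:
        return urlsplit(self.url).path or "/"

    def redacted(self) -> str:
        """Report-safe rendering: never echo the password, mask the account."""
        local, _, domain = self.user.partition("@")
        user = f"{local[:1]}***@{domain}" if domain else f"{local[:1]}***"
        return f"{self.path} {user} <password redacted, {len(self.secret)} chars>"


def parse_line(line: str):
    """Return a Finding for a credential-shaped line, None for anything else."""
    m = COLON_FORM.match(line.strip()) or COMMA_FORM.match(line.strip())
    return Finding(m["url"], m["user"], m["secret"]) if m else None


def scan(text: str) -> list:
    """Credential-shaped lines only; a bare email in a query string is not counted."""
    return [f for f in (parse_line(l) for l in text.splitlines()) if f]


def by_path(findings) -> Counter:
    """Which login/registration paths the leaked credentials point at."""
    return Counter(f.path for f in findings)


if __name__ == "__main__":
    hits = scan(SAMPLE_LINES)
    for h in hits:
        print(h.redacted())
    print(dict(by_path(hits)))
```

The per-path counts tell a defender which flows to prioritise for forced password resets and for checking that 2FA is enforced on every affected account.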

Attachments

00.png
2.png
0.png
1.png
Details

State: disclosed
Severity: None
Bounty: hidden
Visibility: partially
Vulnerability: Sensitive Data Exposure

Participants (3): triage team, company admin, author