Return-Path: <security@bugbounty.help>
Delivered-To: mshostin+spam@s21.hosterpk.com
Received: from s21.hosterpk.com
    by s21.hosterpk.com with LMTP
    id 8OVNBMGFmGeRATkArcgM2A
    (envelope-from <security@bugbounty.help>)
    for <mshostin+spam@s21.hosterpk.com>; Tue, 28 Jan 2025 07:22:41 +0000
Return-path: <security@bugbounty.help>
Envelope-to: postmaster@ms-hostingladz.com,
    hello@ms-hostingladz.com,
    sales@ms-hostingladz.com,
    support@ms-hostingladz.com,
    privacy@ms-hostingladz.com,
    webmaster@ms-hostingladz.com,
    help@ms-hostingladz.com,
    contact@ms-hostingladz.com,
    info@ms-hostingladz.com
Delivery-date: Tue, 28 Jan 2025 07:22:41 +0000
Received: from bugbounty.help ([109.199.105.26]:60657 helo=cp.bugbounty.help)
    by s21.hosterpk.com with esmtps (TLS1.3) tls TLS_AES_256_GCM_SHA384
    (Exim 4.98)
    (envelope-from <security@bugbounty.help>)
    id 1tcfvl-0000000FejU-06dO;
    Tue, 28 Jan 2025 07:22:40 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
    d=bugbounty.help; s=mail; h=Message-Id:Content-Transfer-Encoding:Content-Type
    :Subject:Date:Reply-To:To:From:MIME-Version:Sender:Cc:Content-ID:
    Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
    :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
    List-Subscribe:List-Post:List-Owner:List-Archive;
    bh=ZgUkM5L4VIg2acsfL2tObIDWE3T0mwcv60M711GKcwY=; b=mXKDUz3jZ5C5v+U5SdRTl8mJ6u
    Iv0rL1STct2TXhKXQW6YDQBd8cfDjhJUIYKMhGG+Qqr104/l6dazi3TwonZq1GIzXysxCr7tChFkE
    hPgK1HA7CFd3WDF7nmkhtJVTJWs4gWm5vQJ6jMCIo8iZfV1bROlTWuMIoXNdUBb1HSKg=;
Received: from [196.115.94.215] (helo=Lenovo)
    by cp.bugbounty.help with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    (Exim 4.93)
    (envelope-from <security@bugbounty.help>)
    id 1tcfry-001GCJ-00; Tue, 28 Jan 2025 08:18:51 +0100
MIME-Version: 1.0
From: "BugBountyReport" <security@bugbounty.help>
To: info@ms-hostingladz.com, contact@ms-hostingladz.com,
    help@ms-hostingladz.com, admin@ms-hostingladz.com,
    webmaster@ms-hostingladz.com, privacy@ms-hostingladz.com,
    support@ms-hostingladz.com, sales@ms-hostingladz.com,
    hello@ms-hostingladz.com, postmaster@ms-hostingladz.com
Reply-To: alihunter.adam@gmail.com
Date: 28 Jan 2025 08:18:45 +0100
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <E1tcfry-001GCJ-00@cp.bugbounty.help>
X-Spam-Status: Yes, score=7.4
X-Spam-Score: 74
X-Spam-Bar: +++++++
X-Spam-Report: Spam detection software, running on the system "s21.hosterpk.com",
    has identified this incoming email as possible spam. The original
    message has been attached to this so you can view it or label
    similar future email. If you have any questions, see
    root\@localhost for details.
    Content preview: Hello, I hope this email finds you well.
    Content analysis details: (7.4 points, 5.0 required)
     pts rule name              description
    ---- ---------------------- --------------------------------------------------
    -0.0 SPF_PASS               SPF: sender matches SPF record
     0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The
                                query to Validity was blocked. See
                                https://knowledge.validity.com/hc/en-us/articles/20961730681243
                                for more information.
                                [109.199.105.26 listed in sa-trusted.bondedsender.org]
     0.0 URIBL_BLOCKED          ADMINISTRATOR NOTICE: The query to URIBL was blocked.
                                See
                                http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
                                for more information.
                                [URI: ms-hostingladz.com]
                                [URI: bugbounty.help]
     0.0 RCVD_IN_VALIDITY_SAFE_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                                Validity was blocked. See
                                https://knowledge.validity.com/hc/en-us/articles/20961730681243
                                for more information.
                                [109.199.105.26 listed in sa-accredit.habeas.com]
     0.0 RCVD_IN_VALIDITY_RPBL_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to
                                Validity was blocked. See
                                https://knowledge.validity.com/hc/en-us/articles/20961730681243
                                for more information.
                                [109.199.105.26 listed in bl.score.senderscore.com]
    -0.1 DKIM_VALID_AU          Message has a valid DKIM or DK signature from author's
                                domain
    -0.1 DKIM_VALID_EF          Message has a valid DKIM or DK signature from
                                envelope-from domain
    -0.1 DKIM_VALID             Message has at least one valid DKIM or DK signature
     0.1 DKIM_SIGNED            Message has a DKIM or DK signature, not necessarily valid
     4.5 URIBL_DBL_SPAM         Contains a spam URL listed in the Spamhaus DBL
                                blocklist
                                [URI: bugbounty.help]
     0.0 HTML_MESSAGE           BODY: HTML included in message
     0.1 MIME_HTML_ONLY         BODY: Message only has text/html MIME parts
    -0.0 T_SCC_BODY_TEXT_LINE   No description available.
     0.5 KAM_NUMSUBJECT         Subject ends in numbers excluding current years
     2.5 FREEMAIL_FORGED_REPLYTO Freemail in Reply-To, but not From
X-Spam-Flag: YES
Subject: ***SPAM*** Urgent : Security Vulnerability Report for ms-hostingladz.com -
    Immediate Attention Required - BBR 11316162

=0D=0A<html>=0D=0A <p>Hello,</p>=0D=0A=0D=0A <p>I hope this=
email finds you well.</p>=0D=0A=0D=0A <p>My name is Ali Adam,=
and I am a bug hunter and security researcher. In my spare time,=
I seek out vulnerabilities on websites to help improve their sec=
urity while also earning a living. Recently, I discovered and rep=
orted a potential issue on your website through Open Bug Bounty.<=
/p>=0D=0A=0D=0A <p>However, I suspect that you may not have re=
ceived the notification due to some delays on their servers. Ther=
efore, I wanted to reach out directly via email to ensure you hav=
e all the details of the bug report.</p>=0D=0A=0D=0A <h3>Title=
of Bug: PHP Info Exposure on ms-hostingladz.com</h3>=0D=0A=0D=0A=
<h3>Overview:</h3>=0D=0A=0D=0A <p>During a bug bounty hunt=
ing session, a PHP Info page was discovered on ms-hostingladz.com=
. This page exposes sensitive configuration details about the ser=
ver's PHP environment, which can be leveraged by attackers to per=
form targeted attacks, such as exploiting known vulnerabilities, =
identifying installed extensions, and gathering information about=
the server's file system.</p>=0D=0A=0D=0A <h3>Vulnerability D=
etails:</h3>=0D=0A=0D=0A <p>Affected URL: https://ms-hosti=
ngladz.com/phpinfo.php</p>=0D=0A <p>Vulnerability Type: In=
formation Disclosure</p>=0D=0A=0D=0A=0D=0A <h3>Description:</h=
3>=0D=0A <p>The file PhpInfo on the ms-hostingladz.com domain =
contains a call to the phpinfo() function, which outputs detailed=
information about the PHP environment. This information includes=
the PHP version, server details, loaded extensions, environment =
variables, and more. An attacker can use this data to identify we=
aknesses in the server configuration and potentially craft specif=
ic attacks against the server.</p>=0D=0A=0D=0A <h3>Steps to Re=
produce:</h3>=0D=0A=0D=0A <p>1- Open a web browser and nav=
igate to the following URL: https://ms-hostingladz.com/phpinfo.ph=
p</p>=0D=0A <p>2- The PHP Info page will be displayed, rev=
ealing detailed configuration and environment information about t=
he server.</p>=0D=0A=0D=0A <h3>Impact:</h3>=0D=0A=0D=0A =
<p>Server Fingerprinting: Attackers can fingerprint the server ba=
sed on the disclosed PHP version, server software, and installed =
modules, allowing them to identify specific vulnerabilities to ex=
ploit.</p>=0D=0A <p>Sensitive Information Disclosure: The =
output may include sensitive information such as environment vari=
ables, file paths, and configuration settings that could be used =
to further compromise the server.</p>=0D=0A <p>Targeted At=
tacks: With the detailed information provided by the PHP Info pag=
e, attackers can perform targeted attacks against known vulnerabi=
lities in the disclosed PHP version or installed extensions.</p>=0D=0A=
=0D=0A <h3>Recommendation for Mitigation:</h3>=0D=0A=0D=0A =
<p>Remove or Restrict Access to PHPInfo Pages: Immediately remove=
the PhpInfo file or restrict access to the PHP Info page by limi=
ting it to authorized personnel only. This can be achieved by usi=
ng access control mechanisms such as IP whitelisting or password =
protection.</p>=0D=0A=0D=0A <p>Regularly Audit Server Files: C=
onduct regular audits of server files to ensure that sensitive fi=
les like PHP Info pages are not publicly accessible.</p>=0D=0A=0D=0A=
<p>Keep PHP and Extensions Updated: Ensure that PHP and all i=
nstalled extensions are regularly updated to the latest versions =
to mitigate the risk of known vulnerabilities being exploited.</p=
>=0D=0A=0D=0A <p>Minimize Information Disclosure: Configure th=
e PHP environment to minimize information disclosure by disabling=
expose_php, setting display_errors to Off, and ensuring that sen=
sitive information is not included in the output.</p>=0D=0A=0D=0A=
<p>I do this work to alert you to potential security issues o=
n your website, and I would greatly appreciate it if you could co=
nsider providing a bounty for the bug I discovered. Such rewards =
motivate me to continue hunting for vulnerabilities and helping t=
o secure websites like yours.</p>=0D=0A=0D=0A <p>If possible, =
I would be grateful if you could send the reward to my PayPal acc=
ount: <a href=3D'mailto:alihunter.adam@gmail.com'>alihunter.adam@=
gmail.com</a></p>=0D=0A=0D=0A <p>Additionally, I am happy to c=
reate an invoice for the transfer if that is more convenient for =
you.</p>=0D=0A=0D=0A <p>I look forward to working together to =
enhance the security of your company's websites.</p>=0D=0A=0D=0A =
<p>Thank you very much for your time and consideration.</p>=0D=0A=
=0D=0A <p>Best regards,<br />=0D=0A Ali Adam</p>=0D=0A</bod=
y>=0D=0A</html>
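
The mitigation items in the message above (remove phpinfo pages, audit server files, disable `expose_php` and `display_errors`) can be checked locally by a site operator. The script below is an added example, not part of the email; the function names and the sample files it builds are hypothetical and constructed, and it assumes GNU grep.

```shell
#!/usr/bin/env bash
# Added example: local audit for the mitigations listed in the report.
# Function names and sample files are hypothetical / constructed.

# List PHP files under docroot $1 that contain a phpinfo() call.
# Commented-out calls match too; review each hit by hand.
find_phpinfo_files() {
    grep -rlEi --include='*.php' --include='*.phtml' \
        'phpinfo[[:space:]]*\(' "$1" | sort
}

# Print the last uncommented value of directive $2 in php.ini file $1,
# lower-cased, or nothing when the directive is not set.
ini_value() {
    awk -F= -v key="$2" '
        /^[[:space:]]*;/ { next }
        { k = $1; gsub(/[[:space:]]/, "", k) }
        k == key { v = $2; sub(/;.*/, "", v); gsub(/[[:space:]"]/, "", v); val = v }
        END { print tolower(val) }' "$1"
}

# Print one WEAK line per disclosure directive that is enabled. PHP's
# built-in default for both is on, so an unset directive is flagged as well.
audit_php_ini() {
    local d v
    for d in expose_php display_errors; do
        v=$(ini_value "$1" "$d")
        case "$v" in
            off|0|false|no|none) ;;
            *) echo "WEAK: $d=${v:-unset}" ;;
        esac
    done
}

# Constructed sample tree so the script runs offline.
demo() {
    local t; t=$(mktemp -d)
    mkdir -p "$t/www/old"
    echo '<?php phpinfo(); ?>'    > "$t/www/old/phpinfo.php"
    echo '<?php echo "hello"; ?>' > "$t/www/index.php"
    printf 'expose_php = On\n;display_errors = Off\n' > "$t/weak.ini"
    printf 'expose_php = Off\ndisplay_errors = Off ; prod\n' > "$t/hard.ini"
    find_phpinfo_files "$t/www"
    audit_php_ini "$t/weak.ini"
    audit_php_ini "$t/hard.ini"
    rm -rf "$t"
}
demo
```

A commented-out `;display_errors = Off` line does not count as a setting, which is why the constructed `weak.ini` is flagged for both directives.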