Joining any class without the teacher’s invitation in Khan Academy

3 years ago 182

Renganathan

Hi There,

Renganathan here.

Khan Academy VDP

This write-up is about a vulnerability that I found on khanacademy.org. Khan Academy has a VDP on HackerOne.

There was a virtual class feature that may be somewhat similar to Google Classroom, I guess :)

I started testing with a few vulnerabilities like privilege escalation from student to teacher & unfortunately I couldn’t get one :/

So I was testing the class-joining functionality and I found that the class links looked like this:

khanacademy.org/join/A1B95FG6

I tested for IDOR by looking for similar class codes. But the chances of hitting a correct code were very low, and most of them returned a 404 :(

So, to make things easy, I used the Google dork below to enumerate all the class codes:

site:khanacademy.org/join/*

So I was able to enumerate all the classes and I joined one class :) as shown in the POC:

Resolved
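
From the defender's side, the dork works because join pages were allowed into a search index. The check below is an added example, not part of the original write-up or Khan Academy's fix: it flags `/join/` responses that carry no `noindex` directive. The function names, the `/join/EXAMPLE…` codes and the sample responses are constructed for illustration.

```python
# Added example: audit whether invite-style pages (/join/<code>) tell
# crawlers not to index them, via X-Robots-Tag or a robots <meta> tag.
from html.parser import HTMLParser

def _tokens(value):
    """Split 'googlebot: noindex, nofollow' into {'noindex', 'nofollow'}."""
    out = set()
    for part in value.split(","):
        part = part.strip().lower()
        # Drop an optional leading "user-agent:" scope.
        out.add(part.split(":", 1)[1].strip() if ":" in part else part)
    return out

class _RobotsMeta(HTMLParser):
    """Collects directives from <meta name="robots|googlebot" content="...">."""
    def __init__(self):
        super().__init__()
        self.directives = set()

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "meta" and a.get("name", "").lower() in ("robots", "googlebot"):
            self.directives |= _tokens(a.get("content", ""))

def is_indexable(headers, body):
    """True if neither the response header nor the HTML says noindex/none."""
    directives = set()
    for name, value in headers.items():
        if name.lower() == "x-robots-tag":
            directives |= _tokens(value)
    parser = _RobotsMeta()
    parser.feed(body)
    directives |= parser.directives
    return not ({"noindex", "none"} & directives)

def audit(responses):
    """Return paths of invite pages a crawler would be allowed to index."""
    return [path for path, (headers, body) in responses.items()
            if path.startswith("/join/") and is_indexable(headers, body)]

# Constructed sample responses (hypothetical codes, not captured traffic).
SAMPLE = {
    "/join/EXAMPLE1": ({"Content-Type": "text/html"}, "<html><head></head></html>"),
    "/join/EXAMPLE2": ({"X-Robots-Tag": "noindex, nofollow"}, "<html></html>"),
    "/join/EXAMPLE3": ({}, '<html><head><meta name="robots" content="NOINDEX"></head></html>'),
    "/about": ({}, "<html></html>"),
}

if __name__ == "__main__":
    for path in audit(SAMPLE):
        print("indexable invite page:", path)
```

A `noindex` directive only keeps codes out of search results; whether possession of the link alone should grant class membership is a separate access-control decision.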

Thanks for reading :)
Stay Safe.

https://www.instagram.com/renganathanofficial/
