Hack Internal Service Desks
Hey there, my name is Aakash Rathee, and I’m a Security Engineer 3 at Esper. My expertise lies in Application security, Cloud security, and DevSecOps. I also enjoy participating in bug bounty programs on HackerOne, which you can check out on my profile at https://hackerone.com/iamaakashrathee?type=user. Additionally, I love writing about cybersecurity on my Medium profile, where I cover various topics such as cloud security, DevSecOps, and emerging trends in the cybersecurity industry. You can find my articles at https://iamaakashrathee.medium.com
In this article, I want to share with you a story about how I gained unauthorized access to an internal service desk Jira dashboard, which allowed me to create tickets to the internal tech team. This breach gave me the ability where I can create ticket for. doing financial fraud, gain unauthorized access, and add or remove employees. Through this story, I’ll examine the importance of securing internal service desks and preventing unauthorized access to sensitive information.
The original author for this article is https://medium.com/@intideceukelaire Hacker @securinti | Head of Hackers @intigriti.
If you are a working professional, it’s likely that you are familiar with JIRA(if not its still fine 😁), a popular software tool for project management and issue tracking. Atlassian, the company behind JIRA, offers a Service Desk feature which allows users to create tickets for various teams such as IT, HR, and Finance. This service desk is separate from the traditional backlogs and sprints commonly used in JIRA.
What’s the Vulnerability?
The vulnerability in the Jira Service Desk lies in its open access to the public. Anyone can sign up and create tickets for internal teams such as on-boarding, off-boarding, financial, admin access, and more. This means that if a hacker gains access to a service desk, they can easily create tickets to perform fraudulent activities such as financial fraud, unauthorised access, or even adding or removing employees.
How to Exploit?
To assess the security of your Jira Service Desk, it is important to verify if the sign-up option is enabled. For instance, let’s assume the target is example.com. You can navigate to the URL for the Jira Service Desk, which may be in the format of https://example.com.atlassian.net/servicedesk/customer/user/login. Here, you can confirm if the sign-up option is available. If it is enabled, proceed with SignUp and verify the account. Then create tickets and explore the categories of tickets that can be created, depending on the functionalities available within the service desk.
Non- Vulnerable?
No SignUp Option Here…
Vulnerable
SignUp option available.
Report
If you find any target which have Internal Service Desk misconfigured, find there security email if BBP doesn’t exist, if exist then report on BBP program.
If you like this Article :
Please Follow me on Medium, LinkedIn and Subscribe to my Youtube Channel.
LinkedIN : https://www.linkedin.com/in/aakash-rathee-730834125/
Youtube : https://www.youtube.com/channel/UCfOwaz-7AgowC6FWkqBKV-Q
Support My Work
If you found this article helpful and would like to support my work, please consider buying me a coffee through the Buy Me a Coffee platform. Your support can help me to continue creating content and improving the quality of my work. You can visit my Buy Me a Coffee page at