Note: in agreement with the company, I decided not to name them to prevent damaging their brand image. The company fixed the issue within an hour after notifying them, big kudos for that.
Some days ago an article was posted on a Dutch tech website, showing off a newly released service to securely request files from someone through the web.
As always, I'm super interested in the cryptographic implementation of such services to ensure they're secure, even if for example, the company servers would be compromised. Sadly, their website didn't go deep into the technical details other than some simple facts that local cryptography is used with a private key using RSA and AES to provide end-to-end encryption. The application is not open-source which would allow easy auditing, and no white paper is available.
Their website claims the system is secure, but everyone makes mistakes. So I decided to put it to the test. Let's see what I could break.
Spoiler alert: it didn't turn out so well...
This article goes into the technical details on how this was possible, you may want to skip to the PoC video instead.