ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2025-02-01 07:37:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8d34dc26d4
AllAboutBugBounty/Account Takeover.md
MD15 410420e645 Daffa / Split reset password and ATO
2021-01-31 22:03:29 +07:00

618 B
Raw Blame History

Account Takeover

  1. Using OAuth Misconfiguration

    • Victim has a account in evil.com
    • Attacker creates an account on evil.com using OAuth. For example the attacker have a facebook with a registered victim email
    • Attacker changed his/her email to victim email.
    • When the victim try to create an account on evil.com, it says the email already exists.

  2. Try re-sign up using same email

POST /newaccount
[...]
email=victim@mail.com&password=1234

After sign up using victim email, try signup again but using different password

POST /newaccount
[...]
email=victim@mail.com&password=hacked