Back to directory
WRITEUP #2463

SecStory: How I Found Multiple P1 Vulnerabilities without Recon

Auth BypassBroken authentication
by@rival_rvdt(rvdt)
Program
-
Published
Jul 23, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@rival.rvdt/secstory-how-i-found-multiple-p1-vulnerabilities-without-recon-c9f3a19cad45
RELATED WRITEUPS
Account Takeover via Broken Authentication Workflow: Free Lifetime Streaming!
Auth BypassBroken authentication
Plug Security Holes in React Apps That Can Lead to API Exploitation
Auth BypassSSO
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO

Built with ❤️ by Shubham Rawat