Back to directory
WRITEUP #2677

2FA Bypass on private bug bounty program due to CSRF token misconfiguration

Other2FA / MFA bypass
by@sharp488(Sharat Kaikolamthuruthil)
Program
-
Published
May 22, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@sharp488/2fa-bypass-on-private-bug-bounty-program-due-to-csrf-token-misconfiguration-5a9c82151a1
RELATED WRITEUPS
When Certificates Fail: A Story of Bypassed MFA in Remote Access
Other2FA / MFA bypass
2FA Bypass - IDN Mischief
Other2FA / MFA bypass
How I Got $150 on HackerOne for My First Bug
Other2FA / MFA bypass
Data Theft in Salesforce: Manipulating Public Links
OtherSOQL injection
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff
OtherSSTI

Built with ❤️ by Shubham Rawat