WRITEUP #3004

Full Account takeover (ATO) — a tale of two bugs 🐛

Tags: IDOR, Account takeover
By: Kwadwo Amoako
Program: -
Published: Feb 8, 2022
Added to HackDex: Sep 15, 2022
Read Full Writeup: https://medium.com/@kojodaprogrammer/full-account-takeover-ato-a-tale-of-two-bugs-d1b3765ff1de
RELATED WRITEUPS
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
Tags: API, GraphQL
Interesting Story of an Account Takeover Vulnerability
Tags: Auth Bypass, Account takeover
Self-XSS to ATO via Site Features
Tags: XSS, Self-XSS
Zomatoooo! IDOR in Saved Payments
Tags: IDOR
CSRF Bypass Using Domain Confusion Leads To ATO
Tags: CSRF, Account takeover
