Back to directory

WRITEUP #3314

Exploiting Request forgery on Mobile Applications.

CSRFAccount takeoverAndroidiOS

by@dPhoeniixx(Sayed Abdelhafiz)

Program

Pinterest

Published

Oct 19, 2021

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://dphoeniixx.medium.com/exploiting-request-forgery-on-mobile-applications-e1d196d187b3

▸ RELATED WRITEUPS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat