Back to directory
WRITEUP #3831

Lets Learn English - Hacking 10M+ Users

CloudAWS misconfigurationInsecure Firebase databaseOTP bypassAccount takeoverLogic flaw
by@AseemShrey(Aseem Shrey)
Program
-
Published
Apr 17, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://aseemshrey.in/lets-learn-english-hacking-10M-Users/
RELATED WRITEUPS
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources
CloudRCE
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS

Built with ❤️ by Shubham Rawat