Back to directory
WRITEUP #4508

The 3 Day Account Takeover

Logic BugLogic flawPassword resetAccount takeoverBruteforceLack of rate limiting
by@__mr_beast__(Mr. Beast)
Program
-
Published
Jul 17, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/@__mr_beast__/the-3-day-account-takeover-269b0075d526
RELATED WRITEUPS
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
RCEBruteforce
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat