Back to directory
WRITEUP #4567

Taking over Azure DevOps Accounts with 1 Click

AI / LLMSubdomain takeoverAccount takeover
by@seanyeoh(Sean Yeoh)
Bounty
3,000
Program
Microsoft
Published
Jun 28, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.assetnote.io/2020/06/29/subdomain-takeover-to-account-takeover/
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Self-XSS to ATO via Site Features
XSSSelf-XSS
Unmasking Harmful Content in a Medical Chatbot: A Red Team Perspective
AI / LLMAI
Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk
AI / LLMCI/CD
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover

Built with ❤️ by Shubham Rawat