Back to directory
WRITEUP #463

Null Byte on Steroids

Auth BypassNull-Byte injectionAccount takeoverPassword resetSQL injectionPath traversalXSSWAF bypass
by@0x0ld(Omar)
Program
-
Published
Feb 6, 2024
Added to HackDex
Sep 4, 2024
Read Full Writeuphttps://medium.com/@0xold/null-byte-on-steroids-23f8104a25ec
RELATED WRITEUPS
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Self-XSS to ATO via Site Features
XSSSelf-XSS
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO

Built with ❤️ by Shubham Rawat