Back to directory
WRITEUP #4937

How I discovered an interesting account takeover flaw?

Auth BypassAccount takeoverPassword resetLack of rate limiting
by@0xAkash(Akash Methani)
Program
-
Published
Jan 14, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://medium.com/bugbountywriteup/how-i-discovered-an-interesting-account-takeover-flaw-18a7fb1e5359
RELATED WRITEUPS
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
RCEBruteforce
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO
Account takeover on 8 years old public program
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat