Back to directory

WRITEUP #5103

How I made 1000$ with AT&T Bug Bounty(H1)

CSRFAccount takeover

by@AdeshKolte(Adesh Nandkishor kolte)

Bounty

1,000

Program

AT&T

Published

Oct 2, 2019

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://web.archive.org/web/20201128230506/https://medium.com/@adeshkolte/how-i-made-1000-at-t-bug-bounty-h1-14e68b284e2f

▸ RELATED WRITEUPS

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Interesting Story of an Account Takeover Vulnerability

Auth BypassAccount takeover

Self-XSS to ATO via Site Features

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center

Auth Bypass2FA / MFA bypass

Built with ❤️ by Shubham Rawat