WRITEUP #5904

Finding hidden gems vol. 1: forging OAuth tokens using discovered client id and client secret

ReconInformation disclosure

by@molejarka(Mateusz Olejarka)

Bounty

3,133.7

Program

Published

Jul 23, 2018

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://medium.com/@mateusz.olejarka/finding-hidden-gems-vol-1-forging-oauth-tokens-using-discovered-client-id-and-client-secret-467f1cd21714

▸ RELATED WRITEUPS

P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!

ReconInformation disclosure

How I Got Bugs From Google Dorks

ReconInformation disclosure

How I can easily get four P1 at NASA using Simple Google Dorking.

ReconInformation disclosure

How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System

ReconMissing authentication

$1600 Bounty on a Main Domain

ReconSession fixation

Built with ❤️ by Shubham Rawat