WRITEUP #882

0 Click ATO with the Sandwich Attack

Auth Bypass, Account takeover, Sandwich Attack, Password reset, UUID, Bruteforce
by @0xLupin (Roni Carta)
Bounty: 5,000
Program: -
Published: Aug 11, 2023
Added to HackDex: Jul 1, 2024
Read Full Writeup: https://www.landh.tech/blog/20230811-sandwich-attack/
RELATED WRITEUPS
Unlocking the Weak Spot: Exploiting Insecure Password Reset Tokens
RCE, Bruteforce
Interesting Story of an Account Takeover Vulnerability
Auth Bypass, Account takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass, 2FA / MFA bypass
Forced SSO Session Fixation
Auth Bypass, SSO
Account takeover on 8 years old public program
Auth Bypass, Account takeover

Built with ❤️ by Shubham Rawat