mirror of
https://github.com/HackTricks-wiki/hacktricks.git
synced 2025-10-10 18:36:50 +00:00
Added Email verification bypass method - Update account-takeover.md
Added ### Bypass email verification for Account Takeover
This commit is contained in:
parent
4ccb581bf6
commit
815554112d
@ -111,6 +111,12 @@ From [this report](https://dynnyd20.medium.com/one-click-account-take-over-e5009
This also happened in [**this report**](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea).
### Bypass email verification for Account Takeover
- Attacker logins with attacker@test.com and verifies email upon signup.
- Attacker changes verified email to victim@test.com (no secondary verification on email change)
- Now the website allows victim@test.com to login and we have bypassed email verification of victim user.
### Old Cookies
As explained [**in this post**](https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9), it was possible to login into an account, save the cookies as an authenticated user, logout, and then login again.\
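Review bot: the new `### Bypass email verification for Account Takeover` section is the only entry in this hunk without a source link; the surrounding paragraphs each cite a report, so either add the reference this case came from or say explicitly that it is a generic pattern. Two wording fixes in the bullets: "Attacker logins with attacker@test.com" should read "Attacker logs in with attacker@test.com", and the third bullet would be clearer if it named the root cause rather than only the outcome, e.g. "The verified status survives the email change, so the attacker-controlled account now holds victim@test.com as a verified address." Since the other sections describe the defect, a closing line on the fix would fit the file's style: "Mitigation: treat any email change as unverified and require confirmation of the new address before it can be used for login or account recovery."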