Commit

Merge pull request KathanP19#221 from v3daxt/master
Added new methods & Bypasses
KathanP19 authored Sep 23, 2022
2 parents b8ff5d0 + 6d6a18b commit 0eefd40
Showing 3 changed files with 20 additions and 1 deletion.
10 changes: 10 additions & 0 deletions Account_Takeovers_Methodologies/Account_Takeovers_Methods.md
Expand Up @@ -28,6 +28,14 @@ So if you find that target have weak password policy, try to go for no rate limi
## Using Auth Bypass
```
Check out Auth Bypass method, there is a method for OTP bypass via response manipulation, this can leads to account takeovers.
1.Enter the wrong auth code / Password
2.Capture a auth request in burpsuite and send it to repeater
3.Check for the resoponse
4.Change the respone by manipulating the following parameters
{“code”:”invalid_credentials”} -> {“code”:”valid_credentials”}
{“verify”:”false”} -> {“verify”:”true”}
```
## Try For CSRF On
```
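Review bot: In step 4 the two example bodies use typographic quotes ({“code”:”invalid_credentials”}), so they are not valid JSON and will not match what appears in a real response; use straight quotes, e.g. {"code":"invalid_credentials"} -> {"code":"valid_credentials"}. The steps also stop at changing the response and never say how to confirm the result: an altered response is only a finding if the server then treats the session as authenticated, so a closing step stating that check, and that the fix is for the server to hold the verification result itself rather than trust what the client received, would cut down on false reports. Minor: "resoponse", "respone", "a auth request", "can leads", and a missing space after each step number.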
Expand Down Expand Up @@ -61,6 +69,8 @@ Check out Auth Bypass method, there is a method for OTP bypass via response mani

## Reference:
* Various Source From Google,Twitter,Medium
* https://avanishpathak.medium.com/an-account-takeover-vulnerability-due-to-response-manipulation-e23fe629bd1

## Author
* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)
* [@v3daxt](https://twitter.com/v3daxt)
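Review bot: The new Reference entry is a bare URL with no title, while the Author entries just below it use [text](url) links. Give it the article title as link text so the entry stays identifiable if the link breaks, and confirm the URL resolves before merging.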
8 changes: 8 additions & 0 deletions Authentication_Bypass/OTP_Bypass.md
Expand Up @@ -64,10 +64,18 @@
4) if there is no Rate Limit then wait for 200 Status Code (Sometimes 302)
5)if you get 200 ok or 302 Found Status Code that means you've bypass OTP
```
## More test cases for bypassing OTP-
```
1) Check for default OTP - 111111, 123456, 000000
2) Check if otp has been leaked in respone (Capture the request in burpsuite and send it to repeater to check the response)
3) Check if old OTP is still vaild
```


### Contributors:
* [@akshaykerkar13](https://twitter.com/akshaykerkar13)
* [@Yn0tWhy](https://twitter.com/Yn0tWhy)
* [@Virdoex_hunter](https://twitter.com/Virdoex_hunter)
* [febinrev](https://twitter.com/febinrev)
* [Fani Malik](https://twitter.com/fanimalikhack)
* [@v3daxt](https://twitter.com/v3daxt)
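Review bot: Item 3 ("Check if old OTP is still vaild") does not say what makes the OTP "old": already used once, superseded by a newly requested code, or past its expiry time. Those are three separate server-side checks, so list each one. Item 1 would also read better if it said these are examples of default values rather than a complete list. Minor: the heading ends in a stray hyphen ("bypassing OTP-"), and "respone" and "vaild" are misspelled.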
3 changes: 2 additions & 1 deletion BrokenLinkHijacking/BrokenLinkHijacking.md
Expand Up @@ -13,7 +13,7 @@
3. Now you need to check if company has the page or not , if no then register as the company or try to get that username or url.

## Alternate Step
1. Go to [Online Broken Link Checker](https://ahrefs.com/broken-link-checker) Or [Alternative Online Broken Link Checker](https://brokenlinkcheck.com/)
1. Go to [Online Broken Link Checker](https://ahrefs.com/broken-link-checker), [Dead Link Checker](https://www.deadlinkchecker.com/) Or [Alternative Online Broken Link Checker](https://brokenlinkcheck.com/)
2. Input the domain name

## Reference
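Review bot: In the rewritten step 1 the link text "Alternative Online Broken Link Checker" no longer identifies anything now that the list has two alternatives; name the tool, as was done for "Dead Link Checker". "Or" is also capitalised mid-sentence. Since step 2 has the reader submit the domain to a third-party service, a short note that doing so discloses the target domain to that service would be worth adding.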
Expand All @@ -24,3 +24,4 @@
### Author:
* [@KathanP19](https://twitter.com/KathanP19)
* [@cyph3r_asr](https://twitter.com/cyph3r_asr)
* [@v3daxt](https://twitter.com/v3daxt)
