-
Notifications
You must be signed in to change notification settings - Fork 0
/
password-token-email
27 lines (26 loc) · 1.18 KB
/
password-token-email
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
PASSWORD RESET:
1- Completely remove the token
2- change it to 00000000...
3- use null/nil value
4- try expired token
5- try an array of old tokens
6- look for race conditions
7- change 1 char at the begin/end to see if the token is evaluated
8- use unicode char jutzu to spoof email address
9- try [email protected]&[email protected] use %20 or | as separators
10- try to register the same mail with different TLD (.eu,.net etc)
11- don't add the domain locu@
12- try sqli bypass and wildcard or, %, *
13- request smuggler?
14 - change request method (get, put, post etc) and/or content type (xml<>json)
15- match bad response and replace with good one
16- use super long string
17- duplecate parameter email1@email2
18- bruteforce token (ip rotator burp)
19- try to switch token between parts [email protected]&token= attacker token
20- Host header injection
21- CRLF inj email="[email protected]%0a%0dcc:[email protected]"
22- im JSON array: {"email":["[email protected]","[email protected]"]}
23- Password reset token leakage via referer(https://hackerone.com/reports/342693)
25- try to add a password param