Pre-Account Takeover using OAuth Misconfiguration

  1. The attacker creates an account on a.target.com using OAuth.
  2. The attacker changes the account's email address to the victim's email.
  3. When the victim tries to create an account on a.target.com, the site says the email already exists. The victim then resets the password and logs in using the email-and-password method.
  4. The attacker is also able to log in to the victim's account using OAuth.
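The following is an added example, not code from the original post: a toy account store that walks through the four steps above and shows the two server-side checks that break the chain (requiring proof of control over a new email before applying the change, and refusing an OAuth login whose provider-asserted email no longer matches the account's email). The class name, the provider subject and the email addresses are all constructed for illustration.

```python
class AccountStore:
    def __init__(self, hardened):
        self.hardened = hardened
        # email -> {"password": str | None, "oauth": {provider_subject: provider_email}}
        self.accounts = {}

    def signup_oauth(self, sub, provider_email):
        self.accounts[provider_email] = {"password": None, "oauth": {sub: provider_email}}

    def change_email(self, old_email, new_email, verified=False):
        # Vulnerable: applied at once. Hardened: only after the user has proved
        # control of new_email (a mailed confirmation link, modelled by `verified`).
        if self.hardened and not verified:
            return False
        self.accounts[new_email] = self.accounts.pop(old_email)
        return True

    def email_exists(self, email):
        return email in self.accounts

    def reset_password(self, email, new_password):
        self.accounts[email]["password"] = new_password

    def login_password(self, email, password):
        acct = self.accounts.get(email)
        return acct is not None and acct["password"] == password

    def login_oauth(self, sub, provider_email):
        # Vulnerable: a linked provider subject alone is enough. Hardened: the
        # email asserted by the provider must still equal the account's email.
        for email, acct in self.accounts.items():
            if sub in acct["oauth"]:
                return not self.hardened or provider_email == email
        return False


def run_scenario(hardened):
    """Walk the four steps; return whether the attacker still has OAuth access."""
    store = AccountStore(hardened)
    store.signup_oauth("sub-123", "attacker@example.com")                    # step 1
    if not store.change_email("attacker@example.com", "victim@example.com"):  # step 2
        return False                       # hardened: unverified change refused
    assert store.email_exists("victim@example.com")                          # step 3
    store.reset_password("victim@example.com", "new-pass")
    assert store.login_password("victim@example.com", "new-pass")
    return store.login_oauth("sub-123", "attacker@example.com")              # step 4
```

`run_scenario(False)` returns True (the attacker keeps OAuth access after the victim's reset) while `run_scenario(True)` returns False; the second check also holds on its own, so even an account whose email was changed by other means cannot be entered through a provider identity carrying a different email.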

Security Engineer @oyorooms | Never Forgive Never Forget

the_unluck_guy