My first Hall of Fame 🤩

Response mail & HOF

Hacker Mode ONN

The Bug

  1. Create an account using the “Sign in with Email” option. Use the victim’s email address and set any password you like. (For testing purposes I used my own email address.)
  2. After signing up, log out of the account and log in using the OAuth functionality.
  3. Once you are in the account, change some info such as the name, address or anything else.
  4. Log out again and sign in with the email and password you created in Step 1.
  5. You can now see the account with the changed info, hence the vulnerability exists.
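The write-up does not show the server side, so the following is an added sketch, not the affected site's code. It assumes accounts are keyed by email address and that password sign-up never verifies ownership of the address; `AccountStore`, `replay_steps` and all sample values are hypothetical. It replays the five steps against a store that merges logins by email, with and without a check that drops an unverified password when the OAuth login arrives.

```python
import hmac
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Account:
    email: str
    password_hash: Optional[str] = None   # set by email/password sign-up
    email_verified: bool = False          # True only once ownership is proven
    oauth_subjects: set = field(default_factory=set)
    profile: dict = field(default_factory=dict)

class AccountStore:
    def __init__(self, safe_linking):
        self.safe_linking = safe_linking
        self.by_email = {}

    def signup_with_password(self, email, password_hash):
        # Assumed flaw: no ownership check, anyone can register any address.
        if email in self.by_email:
            raise ValueError("email already registered")
        self.by_email[email] = Account(email, password_hash=password_hash)

    def login_with_password(self, email, password_hash):
        acct = self.by_email.get(email)
        if acct is None or acct.password_hash is None:
            return None
        ok = hmac.compare_digest(acct.password_hash, password_hash)
        return acct if ok else None

    def login_with_oauth(self, email, subject):
        # `email` is the address the identity provider reports as verified.
        acct = self.by_email.get(email)
        if acct is None:
            acct = self.by_email[email] = Account(email, email_verified=True)
        elif self.safe_linking and not acct.email_verified:
            # Password was set without proof of ownership: discard it before linking.
            acct.password_hash = None
            acct.email_verified = True
        acct.oauth_subjects.add(subject)
        return acct

def replay_steps(safe_linking):
    """Return True if the step 1 password still opens the account after OAuth use."""
    store = AccountStore(safe_linking)
    store.signup_with_password("owner@example.test", "constructed-hash")      # step 1
    acct = store.login_with_oauth("owner@example.test", "idp-subject-123")    # step 2
    acct.profile["name"] = "Changed Name"                                     # step 3
    again = store.login_with_password("owner@example.test", "constructed-hash")  # step 4
    return again is not None and again.profile.get("name") == "Changed Name"  # step 5
```

Requiring email confirmation before a password account becomes usable is another way to close the same gap; the sketch shows only the linking-time check.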

Timeline


18 | Passionate towards Cyber Security

Gnana Aravind