My first Hall of Fame 🤩

Hello ppl! This is Gnana Aravind, with a new write-up on how I got my first Hall of Fame. First of all, a HOF is something like an institution honouring the achievements of individuals in a particular activity or field, and the company where I got my HOF is Razorpay. Already knew? Ok, Razorpay is a payments solution company in India that allows your business to accept, process, and disburse payments via its product suite. Let's talk about what I found there…

My HOF : https://razorpay.com/hall-of-fame

Response mail & HOF

Hacker Mode ONN

On the way to the online classes I came across Razorpay's VDP and thought of hunting some bugs over there, so I started discovering the subdomains and got a fresh one. I started focusing on that particular subdomain; let us call it sub.razorpay.com. After roaming over the subdomain for a few minutes, I thought of getting started with simple bugs related to misconfiguration. The site was using OAuth functionality, which lets you sign in or sign up to the site with third-party services like Google, Facebook, etc., so I tried to find OAuth misconfiguration related bugs. There are many test cases for these kinds of bugs, so I started to test them one by one, and at last I found one.

The Bug

Name of Vulnerability : Pre-account Takeover due to lack of email and password verification

Areas Affected : OAuth Sign In page

Impact : The attacker can access the victim's account until the victim changes his password.

Steps to Reproduce :

  1. Create an account using the "Sign in with Email" option. Use the victim's email address and set whatever password you want. (For testing purposes I used my own email address.)
  2. After signing up, log out of the account and try logging in with the OAuth functionality.
  3. Once you are in the account, change some info like name, address or anything.
  4. Log out again and sign in with the email and password you created in Step 1.
  5. Now you can see the account with the changed info, hence the vulnerability exists.
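To show why the five steps above work, here is an added example (my own illustration, not code from the write-up or from Razorpay) that models the account-linking logic behind a pre-account takeover. The password signup never confirms ownership of the email, and the OAuth login then links the provider identity to the existing record by email alone, so the attacker's password from Step 1 still opens the account the victim now uses. The hardened store refuses to link an OAuth identity to a password account whose email was never verified. All names, emails and the `idp-subject-123` identifier are constructed placeholders.

```python
"""Added example: vulnerable vs. hardened OAuth account linking (constructed data)."""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


def hash_password(pw: str, salt: Optional[bytes] = None) -> str:
    """Salted PBKDF2 hash, stored as 'salt_hex:digest_hex'."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000)
    return salt.hex() + ":" + digest.hex()


def verify_password(pw: str, stored: str) -> bool:
    salt_hex, digest_hex = stored.split(":")
    digest = hashlib.pbkdf2_hmac("sha256", pw.encode(), bytes.fromhex(salt_hex), 100_000)
    return hmac.compare_digest(digest.hex(), digest_hex)


@dataclass
class Account:
    email: str
    password_hash: Optional[str] = None
    email_verified: bool = False          # True only once ownership of the email is proven
    oauth_subjects: Set[str] = field(default_factory=set)
    profile_name: str = ""


class AccountStore:
    """require_verified_link=False reproduces the bug; True is the hardened behaviour."""

    def __init__(self, require_verified_link: bool) -> None:
        self.accounts: Dict[str, Account] = {}
        self.require_verified_link = require_verified_link

    def signup_with_email(self, email: str, password: str) -> Account:
        # Step 1 of the write-up: anyone can register any email with a password of
        # their choosing; no confirmation mail is sent, so email_verified stays False.
        if email in self.accounts:
            raise ValueError("account already exists")
        acct = Account(email=email, password_hash=hash_password(password))
        self.accounts[email] = acct
        return acct

    def login_with_password(self, email: str, password: str) -> Optional[Account]:
        acct = self.accounts.get(email)
        if acct and acct.password_hash and verify_password(password, acct.password_hash):
            return acct
        return None

    def login_with_oauth(self, email: str, subject: str, email_verified: bool) -> Account:
        # The identity provider asserts (email, subject, email_verified) for the user.
        if not email_verified:
            raise PermissionError("provider did not verify this email")
        acct = self.accounts.get(email)
        if acct is None:
            acct = Account(email=email, email_verified=True, oauth_subjects={subject})
            self.accounts[email] = acct
            return acct
        if subject in acct.oauth_subjects:
            return acct                       # already linked on an earlier login
        # Linking an OAuth identity to an existing password account by email match.
        if self.require_verified_link and not acct.email_verified:
            # Hardened: the password account never proved it owns this email, so it
            # must not be silently merged with the OAuth user's session.
            raise PermissionError("verify the email on this account before linking")
        acct.oauth_subjects.add(subject)      # vulnerable path: link on email alone
        return acct


def attack_scenario(hardened: bool) -> bool:
    """Replays the write-up's steps; returns True if the attacker can read the victim's edits."""
    store = AccountStore(require_verified_link=hardened)
    victim_email = "victim@example.com"      # constructed
    store.signup_with_email(victim_email, "attacker-chosen-pw")          # Step 1
    try:                                                                  # Step 2 (victim logs in via OAuth)
        victim_session = store.login_with_oauth(victim_email, "idp-subject-123", email_verified=True)
    except PermissionError:
        return False                          # hardened store refuses the link
    victim_session.profile_name = "Victim Real Name"                      # Step 3
    attacker_session = store.login_with_password(victim_email, "attacker-chosen-pw")  # Step 4
    return attacker_session is not None and attacker_session.profile_name == "Victim Real Name"  # Step 5


if __name__ == "__main__":
    print("vulnerable store, attacker sees victim data:", attack_scenario(hardened=False))
    print("hardened store, attacker sees victim data:  ", attack_scenario(hardened=True))
```

The refusal in the hardened path is one fix; the other common one is to require email confirmation at password signup itself, so an unverified record can never be matched against an OAuth login in the first place. Either way the invariant is the same: two credentials are merged into one account only after each has independently proven ownership of the email.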

Reference :

Time line

Report Submission : Aug 18, 2021

First Response : Aug 18, 2021

Fix and HOF : Sep 13, 2021

If you need any help with this bug, reach out to me on Instagram and follow me here on Medium for more such useful write-ups; give a like and applause if this is a good write-up.

Thanks and Regards, Gnana Aravind K

We also have a community called Cyberonics, where we will be conducting useful webinars for free, follow us there to get updates on the upcoming events.
