Critical Account Takeover Bug via MFA Code
Hello Folks,
This write-up is about an account takeover bug that I found on the same public bug bounty program that was described in my previous post.
Link shared below:
Note:
Setting MFA in the account was mandatory for all Admin accounts hence this report was applicable & critical.
Normal authentication flow of application
1. Log in to the account from “sso.target.com/v2/login”.
2. The application prompts for the password; upon entering it, the user is redirected to “sso.target.com/v2/login/mfa”.
3. Enter the MFA code & hit submit.
4. The POST request contains the code & the mfa id, and the account can be accessed. (The mfa id is a static & unique alphanumeric value which identifies each MFA set on an account.)
The Exploit
1. Go to the login page & enter the attacker’s email id.
2. The application will redirect to a page where…
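The flow above ends with a POST that carries both the one-time code and the mfa id. The write-up does not show the server side, so the following is an added example (not the target's code, and not the exact bug from this report) of the check a verification endpoint needs in that design: the mfa id is chosen by the server when the password is accepted and bound to the pending login, and the client-supplied mfa id in the POST is only compared against that binding, never used on its own to pick which enrolment's secret to check. All account names, mfa ids and secrets are constructed for the example, and the code generator is a simplified HMAC scheme rather than RFC 6238 TOTP.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Tuple

# Constructed sample data: two accounts, each with one MFA enrolment.
# mfa_id values and secrets are made up for this example.
MFA_ENROLMENTS: Dict[str, Tuple[str, bytes]] = {
    # mfa_id -> (account id, shared secret)
    "mfa-a1b2c3": ("alice@example.com", b"alice-secret-0001"),
    "mfa-d4e5f6": ("bob@example.com", b"bob-secret-0002"),
}

TIME_STEP = 30       # seconds per code window
PENDING_TTL = 300    # seconds a password-verified login may wait for MFA
MAX_ATTEMPTS = 5     # code guesses allowed per pending login


@dataclass
class PendingLogin:
    account: str
    mfa_id: str        # enrolment the server selected when the password was accepted
    expires_at: float
    attempts: int = 0


PENDING: Dict[str, PendingLogin] = {}   # login-session id -> pending MFA state


def generate_code(secret: bytes, now: float) -> str:
    """Simplified HMAC time-based code (not RFC 6238; kept short for the example)."""
    step = int(now // TIME_STEP)
    digest = hmac.new(secret, str(step).encode(), hashlib.sha256).digest()
    return f"{int.from_bytes(digest[-4:], 'big') % 1_000_000:06d}"


def start_mfa_step(account: str, now: float) -> str:
    """Called after the password check. Binds the pending login to the account's own enrolment."""
    enrolments = [mid for mid, (acct, _) in MFA_ENROLMENTS.items() if acct == account]
    if not enrolments:
        raise ValueError("MFA is mandatory; account has no enrolment")
    login_id = secrets.token_urlsafe(16)
    PENDING[login_id] = PendingLogin(account, enrolments[0], now + PENDING_TTL)
    return login_id


def verify_mfa(login_id: str, submitted_mfa_id: str, code: str, now: float) -> Tuple[bool, str]:
    """Server-side handling of the POST that carries the code and the mfa id.

    Returns (True, account) on success, otherwise (False, reason).
    """
    pending = PENDING.get(login_id)
    if pending is None:
        return False, "no_pending_login"
    if now > pending.expires_at:
        PENDING.pop(login_id, None)
        return False, "expired"
    if pending.attempts >= MAX_ATTEMPTS:
        PENDING.pop(login_id, None)
        return False, "locked"
    pending.attempts += 1
    # The client-supplied mfa id is never authoritative: it must equal the one
    # the server bound to this login, so it cannot select another account's enrolment.
    if not hmac.compare_digest(submitted_mfa_id.encode(), pending.mfa_id.encode()):
        return False, "mfa_id_mismatch"
    _, secret = MFA_ENROLMENTS[pending.mfa_id]   # secret looked up via the bound id only
    if not hmac.compare_digest(code.encode(), generate_code(secret, now).encode()):
        return False, "bad_code"
    PENDING.pop(login_id, None)   # single use: a completed pending login cannot be replayed
    return True, pending.account
```

The point of the design is that the mfa id in the request body carries no authority: the enrolment whose secret is checked is always the one recorded server-side for this login session, and a mismatching id is rejected before any code comparison happens. Expiry, attempt limits and single-use consumption are the other properties a practitioner would look for when reviewing such an endpoint.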