.png)
2 weeks ago
18 BOOK THIS SPACE FOR AD
ARTICLE AD
Hey folks I hope you all are doing well. I am back with another writeup about OAuth Account Spoofing. In this writeup I will tell you how I found the OAuth account spoofing. Detailed PoC video link will be uploaded soon on the YouTube channel mentioned at the end of the writeup.
What is OAuth Account Spoofing?
OAuth Account spoofing is when you create an account and change it to that of victim and you are still able to login into that account without any protection. This way hackers can spoof into your account without even letting you know.
I was hunting on a website, let’s name it as redacted.com here but in the PoC you will get to know the website. Now when I made an account using OAuth I found that we can change the email without even verifying the new one. So my mind started running and I followed these steps for the attack vector.
Steps Of Reproduction:
Attacker creates an account using OAuth and goes into my account2. Attacker added the victim email address and made it primary and deleted his old email address
3. Attacker then logged out and after sometime again logged in using OAuth with old email and was logged into the old account without any verification
4. Attacker was still able to login into the old one whose email was changed
After seeing this bug I was like OAuth misconfiguration Ninja!!
I got $$$ rewarded for this bug submission. This is a P3 vulnerability according to the Bugcrowd VRT and companies offer pretty good bounties for this bug. I hope you understood about this bug. If not then a detailed PoC video link will be uploaded on the below YouTube channel.
Thanks for reading my article. Follow me for more!!!
LinkedIn: https://www.linkedin.com/in/akash-suman-7b95572a1/
Instagram: https://www.instagram.com/prowlsec/
YouTube: https://www.youtube.com/@ProwlSec
Twitter: https://x.com/CyberGhostOps
Bengali (Bangladesh) · 
English (United States) ·