I have seen many reports regarding MFA bypass and many repos has got techniques to bypass MFA but here is one of my personal method or never seen before technique to bypass MFA, make sure to add it to your checklist ;)..... follow 👇
#bugbountytips #bugbountytip #bugbountytip
#bugbountytips #bugbountytip #bugbountytip
1) access control issues are everywhere in website right?
normal login flow :
email + passwd => mfa => enters acc
the flaw :
email + password => enters wrong mfa code and intercepts the req with burp, changes request line and params .....
normal login flow :
email + passwd => mfa => enters acc
the flaw :
email + password => enters wrong mfa code and intercepts the req with burp, changes request line and params .....
..... and issues the request to see if it updates internal infos before passing the mfa check!
2) but wait.. it doesn't end here!
here is another novel way to bypass :
resets password -> intercepts the request of changing password -> changes the params and request line to update internal settings :)
here is another novel way to bypass :
resets password -> intercepts the request of changing password -> changes the params and request line to update internal settings :)
3) again it doesn't end here :), sometimes u can also make api calls by changing request parameters and extract sensitive infos like api keys :D
4) so i haven't seen any report regarding it or this technique hasn't been included in any repo! Make sure to try it on your targets :D, retweet so that it can reach other people too! thanks again! :) keep sharing!
5) also don't forget to give credits and please don't steal credits :D
to those who ain't understanding i will be sharing a video POC soon . idk its simple and forward tho! anyways i will share poc and hope u guys get the idea!
• • •
Missing some Tweet in this thread? You can try to
force a refresh
