Md Ismail Šojal (@0x0SojalSec)
Mar 27, 3 tweets, 2 min read
Two-factor authentication bypass ⚔️

- In the application's registration, a mobile number was required for compulsory two-factor authentication.
- Captured the request for mobile number addition:
POST /mobile/add

{XXNUMBERXX}
(1/n)

- Then followed the registration normally by adding a mobile number.
- Now when I logged in to the account, it required an OTP to proceed.
- Used an invalid OTP like 111111 and intercepted the request.
- Changed the request PATH and BODY to those of the earlier captured request.
(2/n)

- They were implementing checks for all internal API endpoints before the OTP was entered, but forgot to add the check for the mobile number addition request.
- I was able to add a new number without entering the OTP.
- This led to a 2FA bypass.

#infosec #cybersec #bugbounty
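The pattern behind the thread is a step-up gate written as an allowlist of endpoints to protect, so any endpoint nobody remembered to list stays reachable from a session that has passed the password but not the OTP. The simulation below is an added example, not the author's code or the target application's: the session model, the paths (/otp/verify, /mobile/add, /account), the OTP value and the request objects are all assumptions made for illustration. It runs the thread's replay (bogus OTP request intercepted, path and body swapped to the captured /mobile/add request) against the allowlist gate and against a deny-by-default gate, where every route except the OTP step itself needs otp_verified.

```python
"""Constructed simulation of the 2FA-bypass pattern described in the thread.
This is an added example, not the real application's code: the session model,
the paths, the OTP value and the request objects are all assumptions.
"""
import hmac
from dataclasses import dataclass, field


@dataclass
class Session:
    user: str
    otp_verified: bool = False          # flipped to True only by a correct OTP
    phones: list = field(default_factory=list)


@dataclass
class Request:
    method: str
    path: str
    body: dict = field(default_factory=dict)

    @property
    def route(self) -> str:
        return f"{self.method} {self.path}"


class App:
    """Tiny router with a 2FA gate. deny_by_default=False reproduces the bug:
    only routes someone remembered to list are gated, so /mobile/add slips
    through. deny_by_default=True is the fix: every route except the OTP
    step itself (and logout) requires otp_verified."""

    PRE_OTP_ALLOWED = {"POST /otp/verify", "POST /logout"}
    # Vulnerable variant's gate list; "POST /mobile/add" is missing from it.
    GATED_ROUTES = {"GET /account", "POST /profile/update", "POST /password/change"}

    def __init__(self, deny_by_default: bool, otp_secret: str = "482913"):
        self.deny_by_default = deny_by_default
        self.otp_secret = otp_secret  # constructed; a real app issues this per login

    def _gate_blocks(self, session: Session, req: Request) -> bool:
        if session.otp_verified:
            return False
        if self.deny_by_default:
            return req.route not in self.PRE_OTP_ALLOWED
        return req.route in self.GATED_ROUTES

    def handle(self, session: Session, req: Request):
        """Returns (status, payload) the way an HTTP handler would."""
        if self._gate_blocks(session, req):
            return 403, {"error": "second factor required"}
        if req.route == "POST /otp/verify":
            supplied = str(req.body.get("otp", ""))
            if hmac.compare_digest(supplied, self.otp_secret):
                session.otp_verified = True
                return 200, {"ok": True}
            return 401, {"error": "invalid otp"}
        if req.route == "POST /mobile/add":
            session.phones.append(req.body["number"])
            return 200, {"phones": session.phones}
        if req.route == "GET /account":
            return 200, {"user": session.user, "phones": session.phones}
        if req.route == "POST /logout":
            return 200, {"ok": True}
        return 404, {"error": "no such route"}


def replay_attack(deny_by_default: bool):
    """Reproduce the thread's steps: password accepted (OTP pending), submit a
    bogus OTP, then rewrite that intercepted request's path and body into the
    earlier-captured /mobile/add request. Returns (status, phones on account)."""
    app = App(deny_by_default)
    session = Session(user="victim")                  # OTP not yet verified
    bogus = Request("POST", "/otp/verify", {"otp": "111111"})
    assert app.handle(session, bogus)[0] == 401       # the OTP itself is rejected
    # Path and body swapped to the captured mobile-number request (constructed number).
    tampered = Request(bogus.method, "/mobile/add", {"number": "+15550100"})
    status, _ = app.handle(session, tampered)
    return status, list(session.phones)


def legit_flow(deny_by_default: bool):
    """Correct OTP first, then add a number: must succeed in both variants."""
    app = App(deny_by_default)
    session = Session(user="victim")
    app.handle(session, Request("POST", "/otp/verify", {"otp": "482913"}))
    status, _ = app.handle(session, Request("POST", "/mobile/add", {"number": "+15550100"}))
    return status, list(session.phones)


if __name__ == "__main__":
    print("allowlist gate  :", replay_attack(False))  # number added with no OTP
    print("deny-by-default :", replay_attack(True))   # 403, nothing added
```

The check a reviewer wants is on the gate's shape, not on any one endpoint: a pre-OTP session should only be able to reach the OTP verification (and logout) routes, with everything else denied unless the session carries otp_verified. Adding a new second-factor number is exactly the kind of state change that must sit behind that gate, since whoever controls that number controls the next OTP.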
