Account Takeover POC

1 minute read

Account takeover is a type of security attack where an attacker gains access to a user's account without their permission. This can happen through various means, such as guessing passwords, stealing login credentials through phishing attacks, or exploiting vulnerabilities in the software or infrastructure.

Description of the Vulnerability

I was able to identify a vulnerability in the login functionality that allows an attacker to take over an account by bypassing authentication. The vulnerability can be exploited by sending a specially crafted request to the login page that bypasses the authentication process and grants access to the targeted user's account.

Impact of the Vulnerability:

The impact of this vulnerability could be severe, as it could allow an attacker to gain unauthorized access to sensitive user data, such as personal information, financial data, or other confidential information stored in the account.

Now, it's time to fireup Burpsuite.

Reproduce the Vulnerability

Navigate to the login page of the application. alt text

Enter a username and wrong password of a valid account.

Intercept the request being sent to the server. alt text

Bruteforce password using payloads. alt text

Send the modified request to the server. alt text Access the targeted user's account without any further authentication.

Hurray!! Now an attacker able to login to victim's account. He/She can takeover victim's account.

alt text

Recommendations for Mitigation:

To mitigate this vulnerability implementing rate limiting on the login functionality, adding multi-factor authentication, or implementing additional security measures to prevent unauthorized access to user accounts.

NOTE: I have reported this vulnerability ethically to that concerned department 2 years ago and concerned team sfixed this vulnerability.

Comments