CSRF TO ACCOUNT TAKEOVER
Hi Researchers,
Today I am going to explain how I found a CSRF to Account Takeover vulnerability.

There was a domain that is good and that many people know about, which can make files like PDFs and images, and it can do many other things.
This domain caught my eye, and I listened to some motivational speech to get motivated to start on this domain.
The thing is, I did not even use Linux for the reconnaissance on this, because Cross-Site Request Forgery is my favorite vulnerability of all time.
I directly registered on the domain and made my own account on it. I started to check my profile settings and look around. There was one interesting thing: there was no column where I could change my email.
Then I warmed up a little bit and started to work on it. Let me share the steps to reproduce. Sit back and relax.

1. I opened Burp Suite and tried to change my profile details.
2. I intercepted the request.
   This is the part I will never forget: in the intercepted request I could change the email.
3. I generated the CSRF PoC with the generator built into Burp Suite and saved the file with the email change.
4. I opened it in my browser.
   BOOOOOOMMMMMM… The email was changed.
5. I logged out of the account, reset the password, and got full account takeover.
I gave the company's security disclosure the information they needed.
They rewarded me with a bounty of $600, which is quite an interesting amount for me, and it made for a beautiful hunt in just 30 minutes.
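
The server-side behaviour the steps above imply, next to a hardened handler, as an added example that is not from the original post or the affected site. The handler names, field names and sample requests are assumptions constructed for illustration; the hardened version checks a per-session CSRF token and writes only the fields the profile form actually offers.

```python
import hashlib
import hmac
import secrets

# Assumption: the only fields the profile page offers in its UI (no email).
EDITABLE_FIELDS = {"display_name", "bio"}


def csrf_token_for(session):
    """Derive the form token from a random secret stored server-side in the session."""
    secret = session.setdefault("csrf_secret", secrets.token_bytes(32))
    return hmac.new(secret, session["sid"].encode(), hashlib.sha256).hexdigest()


def update_profile_vulnerable(user, form):
    """Hypothetical handler with the flaw described: no token check, every field written."""
    user.update(form)
    return user


def update_profile_hardened(user, session, form):
    """Require a valid per-session token and write only allow-listed fields."""
    supplied = str(form.get("csrf_token", "")).encode()
    if not hmac.compare_digest(supplied, csrf_token_for(session).encode()):
        raise PermissionError("missing or invalid CSRF token")
    unexpected = sorted(set(form) - EDITABLE_FIELDS - {"csrf_token"})
    if unexpected:
        raise ValueError(f"fields not editable on this form: {unexpected}")
    user.update({k: form[k] for k in EDITABLE_FIELDS & set(form)})
    return user


def demo():
    """Run constructed requests through both handlers and return the outcomes."""
    session = {"sid": "constructed-session-id"}
    cross_site = {"display_name": "x", "email": "other@example.test"}  # no token
    weak = update_profile_vulnerable({"email": "owner@example.test"}, dict(cross_site))
    user = {"email": "owner@example.test"}
    outcomes = []
    for form in (cross_site,
                 {**cross_site, "csrf_token": csrf_token_for(session)},
                 {"display_name": "New name", "csrf_token": csrf_token_for(session)}):
        try:
            update_profile_hardened(user, session, form)
            outcomes.append("accepted")
        except (PermissionError, ValueError) as exc:
            outcomes.append(type(exc).__name__)
    return weak["email"], user, outcomes
```

The second hardened case shows why the allow-list matters separately from the token: a request with a valid token still cannot set a field the form never exposed.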