A $5000 Account Takeover
Hey there!
This is my first bug bounty write-up, and I am going to keep writing more interesting ones as soon as I receive my rewards :p
This write-up is based on a $5000 bounty I earned a few months back. Many people were asking me about the technique, so let's follow the steps.
Bug Type- Account takeover via OTP
Technical Details-
I found this bug on the highest-paying bug bounty program. Oops!! Don't ask me the name of the program :D
I always keep looking for something interesting that would cause a business impact.
Test case 1- Verify case sensitivity and special characters
Check whether quotes or a forward slash in the OTP parameter are accepted, change the behaviour, or are reflected in the response, and, for an alphabetic OTP, whether a differently cased value is still accepted.
Test case 2- Check which characters the OTP can contain
It can be digits only, letters only, or alphanumeric; together with the length, this fixes the size of the keyspace a brute force has to cover.
Test case 3- How many times can a user submit an invalid OTP before being blocked?
Also verify that, while the account is temporarily blocked, the system does not issue a new one-time password.
These are the few test cases I tried; there are many more, but this is the necessary checklist you can go through.
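To make the three checks concrete, here is an added example (my own code, not the author's and not the target program's): a small OTP verifier with the properties the checklist probes, plus a harness that runs the probes against it. The 6-digit, digits-only format, the attempt cap, the lock duration, the account name and all function names are assumptions.

```python
"""Added example, not the author's code: a small OTP verifier that has the
properties the checklist above probes, plus a harness that runs those probes
against it.  Names, limits and the 6-digit digits-only format are assumptions."""
from __future__ import annotations

import hmac
import secrets
import string
import time
from dataclasses import dataclass

OTP_LEN = 6
ALPHABET = string.digits  # test case 2: digits only, so 10**6 possible codes
MAX_ATTEMPTS = 5          # test case 3: wrong guesses allowed per account
LOCK_SECONDS = 15 * 60    # how long issuing is refused after that
OTP_TTL = 300             # seconds a code stays valid


@dataclass
class _Entry:
    code: str
    expires: float
    attempts: int = 0         # carried across re-issues, so re-sending does not reset it
    locked_until: float = 0.0


class OtpService:
    def __init__(self, clock=time.time):
        self._clock = clock
        self._store: dict[str, _Entry] = {}

    def issue(self, account: str) -> str | None:
        """Return a fresh OTP, or None while the account is blocked (test case 3)."""
        now = self._clock()
        old = self._store.get(account)
        if old and old.locked_until > now:
            return None
        code = "".join(secrets.choice(ALPHABET) for _ in range(OTP_LEN))
        # Keep the failure count unless a previous block has already expired.
        carried = old.attempts if old and old.locked_until == 0.0 else 0
        self._store[account] = _Entry(code, now + OTP_TTL, carried)
        return code

    def verify(self, account: str, candidate: str) -> bool:
        """One attempt; wrong, malformed and out-of-alphabet input all count."""
        now = self._clock()
        entry = self._store.get(account)
        if entry is None or entry.locked_until > now or entry.expires < now:
            return False
        well_formed = (len(candidate) == OTP_LEN
                       and all(c in ALPHABET for c in candidate))
        # Test cases 1/2: exact, constant-time match; nothing is case-folded,
        # stripped or unescaped before the comparison.
        if well_formed and hmac.compare_digest(candidate, entry.code):
            del self._store[account]      # single use
            return True
        entry.attempts += 1
        if entry.attempts >= MAX_ATTEMPTS:
            entry.locked_until = now + LOCK_SECONDS
            entry.expires = 0.0           # the outstanding code dies with the block
        return False


def run_checklist(service: OtpService, account: str) -> dict:
    """Run the checklist probes and report how the verifier behaves."""
    findings = {"keyspace": len(ALPHABET) ** OTP_LEN}
    code = service.issue(account)
    # Test case 1: a quote or slash in place of the last character must not pass.
    findings["accepts_quote"] = service.verify(account, code[:-1] + "'")
    findings["accepts_slash"] = service.verify(account, code[:-1] + "/")
    # Test case 3: count wrong guesses until the service stops issuing codes.
    wrong = "x" * OTP_LEN                 # outside the digit alphabet, never correct
    tries = 2                             # the two probes above already counted
    while service.issue(account) is not None:
        service.verify(account, wrong)
        tries += 1
        if tries > 10_000:                # a verifier with no limit would loop forever
            break
    findings["wrong_attempts_before_block"] = tries
    findings["reissue_while_blocked"] = service.issue(account) is not None
    return findings


if __name__ == "__main__":
    print(run_checklist(OtpService(), "alice@example.com"))  # constructed account
```

The interesting number in the output is the ratio of `keyspace` to `wrong_attempts_before_block`: a six-digit code with a cap of five guesses is fine, while the same code with no cap (or a cap that resets whenever a new OTP is requested, which is why `attempts` is carried across `issue` calls here) is a brute force away from the account.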
Test case 4- Capture the request and understand how the app behaves, as shown in its responses.
Let's first look at the first verified response…