Mail.Ru Ext.B Scope Account Takeover [ $1500 ]

Hi, I want to share how I found an account takeover bug in geekbrains.ru.

I was looking for vulnerabilities at geekbrains.ru (XSS, CSRF, etc.). I found one XSS bug, but it was a duplicate.

I noticed it has many OAuth login options (Gmail, VK, Twitter, GitHub, …).

They match OAuth logins by e-mail address. E.g. if you log in with Gmail (test@gmail.com) and then log in again with a Twitter account that was created with test@gmail.com, you land in the same account.

Ok!???

On vk.com, you can create an account without confirming the e-mail. I created a VK account with test@gmail.com without confirming the e-mail, and logged in to geekbrains.ru with VK.

The system did not find an e-mail from the VK OAuth login, so it asked me for an e-mail address to confirm.

I entered the victim's e-mail (test@gmail.com) and clicked confirm. WTF … it logged me straight into the test@gmail.com account without any other verification step.
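To make the flaw concrete, here is an added example (my own illustration, not code from geekbrains.ru or Mail.Ru) of OAuth account linking by e-mail address. `vulnerable_login()` mirrors the flow described above: the provider returned no e-mail, the site asked the user for one and logged them into whatever account owned it. `hardened_login()` shows the missing check: an address the provider did not verify is only linked after a token sent to that mailbox comes back. All class names, provider names and sample accounts are constructed for the example.

```python
# Added example, not code from geekbrains.ru or Mail.Ru: a minimal in-memory
# model of OAuth account linking by e-mail address. All names and sample data
# are constructed for illustration.
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set, Tuple


@dataclass
class OAuthIdentity:
    provider: str                  # e.g. "vk", "google" (constructed values)
    provider_user_id: str          # stable user id at the provider
    email: Optional[str]           # address the provider reported, if any
    email_verified: bool           # did the provider itself verify it?


@dataclass
class User:
    email: str
    linked: Set[Tuple[str, str]] = field(default_factory=set)


class AccountStore:
    """Toy user database plus a table of pending e-mail confirmations."""

    def __init__(self) -> None:
        self.users_by_email: Dict[str, User] = {}
        self.pending: Dict[str, Tuple[OAuthIdentity, str]] = {}

    def register(self, email: str) -> User:
        user = User(email)
        self.users_by_email[email] = user
        return user

    def link(self, email: str, identity: OAuthIdentity) -> User:
        """Attach the OAuth identity to the account owning `email`
        (creating the account if it does not exist) and return it."""
        user = self.users_by_email.get(email) or self.register(email)
        user.linked.add((identity.provider, identity.provider_user_id))
        return user


def vulnerable_login(store: AccountStore, identity: OAuthIdentity,
                     email_entered: Optional[str] = None) -> User:
    """The flawed flow: an e-mail typed by the user is treated like one the
    provider vouched for, so anyone can name an existing account's address."""
    email = identity.email or email_entered
    if email is None:
        raise ValueError("no e-mail available")
    return store.link(email, identity)   # logs in as whoever owns `email`


def hardened_login(store: AccountStore, identity: OAuthIdentity,
                   email_entered: Optional[str] = None
                   ) -> Tuple[Optional[User], Optional[str]]:
    """Returns (user, None) when login completes, or (None, token) when the
    address still has to be confirmed from the mailbox."""
    if identity.email and identity.email_verified:
        # Provider-verified address. Linking by e-mail alone is still a policy
        # choice; a stricter site would also ask for the existing account's
        # password before attaching a new identity to it.
        return store.link(identity.email, identity), None
    email = email_entered or identity.email
    if email is None:
        raise ValueError("no e-mail available")
    # Unverified address: never link on the user's word alone. Park the
    # identity behind a random token that is only ever sent to that mailbox.
    token = secrets.token_urlsafe(32)
    store.pending[token] = (identity, email)
    return None, token


def confirm_email(store: AccountStore, token: str) -> Optional[User]:
    """Called when the link from the confirmation mail is opened; only the
    mailbox owner can present a valid token, so linking happens here."""
    entry = store.pending.pop(token, None)
    if entry is None:
        return None
    identity, email = entry
    return store.link(email, identity)


if __name__ == "__main__":
    # Constructed scenario: victim owns test@gmail.com, attacker arrives with
    # a VK identity for which VK reported no (unconfirmed) e-mail.
    store = AccountStore()
    victim = store.register("test@gmail.com")
    attacker = OAuthIdentity("vk", "attacker-42", None, False)
    print("vulnerable:", vulnerable_login(store, attacker, "test@gmail.com") is victim)
    user, token = hardened_login(store, attacker, "test@gmail.com")
    print("hardened: logged in =", user is not None, "pending token issued =", token is not None)
```

In the vulnerable flow the attacker's VK identity is attached to the victim's account the moment they type the victim's address. In the hardened flow the same request only creates a pending entry; the identity is linked when `confirm_email()` is called with the token, which only the owner of the mailbox ever receives.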

I reported it to Mail.Ru via HackerOne. They accepted my report and awarded me $1500.

Thanks for reading … See you in the next bug.
