Mail.Ru Ext.B Scope Account Takeover [ $1500 ]
Hi, I want to share how I found an account takeover bug in geekbrains.ru.
I was looking for vulns at geekbrains.ru: XSS, CSRF, etc. I found one XSS bug, but it was a duplicate.
I noticed it has many OAuth logins (Gmail, VK, Twitter, GitHub...).
They match accounts by the email address of the OAuth login. E.g. you log in with Gmail (firstname.lastname@example.org) and log in again with Twitter (created with email@example.com), and both are the same account.
On vk.com you can create an account without confirming the email. I created a VK account with (firstname.lastname@example.org) without confirming the email, and logged in to geekbrains.ru with VK.
The system did not find an email in the VK OAuth data, so it asked me for an email address to confirm.
I entered the victim's email (email@example.com) and clicked confirm. WTF... It redirected me straight into the firstname.lastname@example.org account without any other verification step.
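To make the root cause concrete, here is an added example (my own constructed code, not geekbrains.ru or Mail.Ru code) that models the email-based account linking described above. The in-memory store, provider names, e-mail addresses and the `TRUSTED_VERIFIERS` set are all assumptions. `vulnerable_oauth_login` trusts whatever address the user types when the provider returns none, which is exactly the flaw; `HardenedLinker` links a social identity to an existing account only after ownership of the address is proven, either by a provider we trust asserting it verified the address, or by a single-use token sent to that mailbox.

```python
"""Account linking by e-mail: the reported flaw and a hardened version.

Constructed example for this write-up; not code from the site that was tested.
All names, addresses and the in-memory store are hypothetical.
"""
import secrets
from dataclasses import dataclass, field


@dataclass
class Account:
    email: str
    identities: dict = field(default_factory=dict)  # provider -> provider user id


class AccountStore:
    """Hypothetical user database keyed by (lower-cased) e-mail address."""

    def __init__(self):
        self.by_email = {}

    def get_or_create(self, email):
        key = email.lower()
        acct = self.by_email.get(key)
        if acct is None:
            acct = Account(email=key)
            self.by_email[key] = acct
        return acct


def vulnerable_oauth_login(store, provider, provider_uid, provider_email, typed_email):
    """Mirrors the reported behaviour: when the provider returns no e-mail, the
    address typed into the 'confirm your e-mail' form is trusted as-is, so the
    session lands on whichever existing account owns that address."""
    email = provider_email or typed_email
    acct = store.get_or_create(email)
    acct.identities[provider] = provider_uid
    return acct  # returned as the logged-in account, no proof of ownership


class HardenedLinker:
    """Links a social identity to an account only after ownership of the e-mail
    address is proven: a trusted provider's email_verified claim, or a token
    delivered to the mailbox and presented back to confirm()."""

    # Providers whose email_verified claim we accept (assumption for this demo).
    TRUSTED_VERIFIERS = {"google", "github"}

    def __init__(self, store):
        self.store = store
        self.pending = {}  # token -> (provider, provider_uid, email)

    def start(self, provider, provider_uid, provider_email, email_verified, typed_email):
        if provider_email and email_verified and provider in self.TRUSTED_VERIFIERS:
            return self._link(provider, provider_uid, provider_email)
        email = provider_email or typed_email
        if not email:
            raise ValueError("no e-mail address to confirm")
        token = secrets.token_urlsafe(32)
        self.pending[token] = (provider, provider_uid, email)
        # The caller e-mails `token` to `email`. Nothing is linked and no
        # session is issued until the recipient presents the token.
        return None

    def confirm(self, token):
        entry = self.pending.pop(token, None)  # single use
        if entry is None:
            raise PermissionError("unknown or already-used confirmation token")
        return self._link(*entry)

    def _link(self, provider, provider_uid, email):
        acct = self.store.get_or_create(email)
        acct.identities[provider] = provider_uid
        return acct


if __name__ == "__main__":
    # Replay of the scenario with constructed data.
    store = AccountStore()
    victim = store.get_or_create("victim@example.com")
    got = vulnerable_oauth_login(store, "vk", "vk-attacker", None, "victim@example.com")
    print("vulnerable flow lands on victim account:", got is victim)
    linker = HardenedLinker(AccountStore())
    print("hardened flow links immediately:",
          linker.start("vk", "vk-attacker", None, False, "victim@example.com") is not None)
```

The check that matters is that the `confirm` button must complete a round trip through the mailbox, not just submit the form; the provider's own `email_verified` claim is only a shortcut for providers whose verification you have reason to trust, which the VK behaviour described above shows is not universal.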
I reported it to Mail.Ru via HackerOne. They accepted my report and awarded me $1500.
Thanks for reading... See you in the next bug.