Jun 27, 2021
1 min read
How I got a Widget-Dev access of site because of improper authorization
Hi everyone
Today i would like to talk about one of my interesting finding in which i was able to bypass Dev admin panel because of improper authorization so lets come into the main point
Lets assume the target as Boom.com {During subdomain enumeration i found one of their subdomain in which they were managed widgets setting and etc.
Now the game starts here -
- So there is Mobile number login mechanism for admin to get into admin panel
- I entered my number and Waiting for otp nothing got !!
- Then I think why not intercept that request and check the response what i got 400 badrequest and invalid otp
- Here the game changed I change response code to 200 OK and removed the invalid response body
Woahh!! redirected to dashboard and i able to do whatever i want
Check this blog for difference between authentication and authorization HERE
I hope you enjoyed this Thank you so much for your time
Have a great bounty life!
Connect with me on twitter @aadesh_namdevv {https://twitter.com/aadesh_namdevv}
