Published in Techiepedia

Response Manipulation leads to Account Takeover

This is a short story about my recent bug hunting on a private program. This program mainly relies on OTP to check the user's authentication. This story walks through how I bypassed its OTP check using response manipulation. So, let's begin.
