Zero Click To Account Takeover

  1. d2hhdCBleGFjdGx5IHlvdSB3YW50Pz8/ -> oh man :) it's my email address (ex: m7.arman@gmail.com)
  2. b2ggbWFuIGFyZSB5b3Uga2lkZGluZyBtZT8= -> it's a number (123)
  1. In the attacker account, submit your email address to receive a confirmation link
  2. Replace the last part of the link (sub) with the base64-encoded victim sub
  3. Open the poisoned link in the browser
  4. Go back to the site and submit a password reset for the email you used in step 2
  5. You will receive a link to change the password.
  6. After changing the password you will be redirected to the victim's account :)
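The root cause behind these steps is a confirmation link whose `sub` is simply the identity itself, base64-encoded, which the server then trusts. As an added illustration that is not part of the original post (the site's real code is not shown), here is that pattern beside the fix: an opaque random token stored server-side, bound to the requesting account, single-use and expiring. Names such as `pending`, `account_emails` and `hardened_confirm` are assumed for illustration.

```python
import base64
import secrets
import time

# Constructed in-memory stores standing in for the application's database.
account_emails = {}   # account_id -> confirmed email address
pending = {}          # token -> (account_id, email, expiry timestamp)
TTL_SECONDS = 15 * 60

def vulnerable_confirm(link_sub: str, current_account: str) -> str:
    """Vulnerable pattern: the link carries the identity (base64 of an email
    or numeric id) and the handler attaches whatever decodes to the session
    that opens the link. Editing the link re-targets the confirmation."""
    email = base64.b64decode(link_sub).decode()
    account_emails[current_account] = email
    return email

def issue_confirmation(account_id: str, email: str) -> str:
    """Hardened: the link carries only an unguessable token; the binding
    (account, email) is kept server-side with an expiry."""
    token = secrets.token_urlsafe(32)
    pending[token] = (account_id, email, time.time() + TTL_SECONDS)
    return token

def hardened_confirm(token: str, current_account: str) -> bool:
    """Accept only an unexpired token that was issued to this very account,
    and consume it so it cannot be replayed."""
    entry = pending.pop(token, None)  # single use: gone even if checks fail
    if entry is None:
        return False
    account_id, email, expiry = entry
    if time.time() > expiry or account_id != current_account:
        return False
    account_emails[current_account] = email
    return True
```

The decisive check is the account binding: a token opened from a different session than the one that requested it does nothing, so a poisoned link cannot attach someone else's email to the attacker's account.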
