🐞Sara Badran

@SaraBadran18

2 Tweets 161 reads Aug 23, 2022
2FA Bypass Techniques thread 🔥🐞🔓
-------------------------
1. 2FA Code Leakage in Response:
📌 Intercept the OTP request with Burp Suite and inspect the HTTP response to check whether the 2FA code is leaked in it.
#hackerone #BugBounty #bugbountytips #BugBountyTip
2. JS File Analysis:
----------------
📌 Analyze all the JS files that are referenced in the response to see if any JS file contains information that can help bypass the 2FA code.
#hackerone #BugBounty #bugbountytips
#hackeronereport #Bugbountywriteupspublished #BugBountyTip
3. Lack of Brute-Force Protection:
-----------------
📌 Type a 2FA code and capture the request using Burp Suite.
📌 Send the request to Intruder and repeat it 100–200 times.
📌 At the 2FA code verification page, try to brute-force a valid 2FA code and see if there is any success.
4. Missing 2FA Code Integrity Validation:
-------------------
📌 Request a 2FA code from the attacker’s account.
📌 Use this valid 2FA code in the victim's 2FA request and see if it bypasses the 2FA protection.
#hackerone #BugBounty #bugbountytips
#bugbountytip
5. 2FA Referer Check Bypass:
----------------
📌 Navigate to the page that comes after 2FA or any other authenticated page of the application.
If there is no success, change the Referer header to the 2FA page URL.
#hackerone #BugBounty #bugbountytips
#bugbountytip
6. Enabling 2FA Doesn’t Expire Previous Session:
-------------------
In this scenario, if an attacker hijacks an active session before 2FA, it is possible to carry out all functions without a need for 2FA.
#hackerone #BugBounty #bugbountytips
#bugbountytip
7. Clickjacking on 2FA Disable Feature:
--------------------
Try to iframe the page where the application allows a user to disable 2FA.
#hackerone #BugBounty #bugbountytips
#bugbountytip
8. Response Manipulation:
----------------
📌 Check the response of the 2FA request.
📌 If you observe “Success”:false, change this to “Success”:true and see if it bypasses the 2FA.
#hackerone #BugBounty #bugbountytips
#bugbountytip
9. Status Code Manipulation:
----------------
📌 Check whether the response status code is 4xx, like 401, 402, etc.
📌 Change the response status code to “200 OK” and see if it bypasses the 2FA.
10. 2FA Code Reusability:
----------------
📌 Request a 2FA code and use it.
📌 Now, re-use the same 2FA code in another session; if it authenticates successfully, that’s a potential issue.
#hackerone #BugBounty
#bugbountytips
#bugbountytip
11. CSRF on 2FA Disable Feature:
---------------
📌 Navigate to the 2FA page, click on “Disable 2FA”, capture this request with Burp Suite and generate a CSRF PoC.
📌 Send this PoC to the victim, and check whether the CSRF succeeds and removes 2FA from the victim account.
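
The server-side counterpart to items 3, 4 and 10 above, as an added example that is not part of the original thread: a verifier that limits guesses, ties each code to the account it was issued for, and invalidates a code after one use. The class name, the limits and the in-memory store are assumptions.

```python
import hashlib
import hmac
import secrets
import time

MAX_ATTEMPTS = 5   # assumed limit on guesses per issued code
CODE_TTL = 300     # assumed code lifetime in seconds


class OtpStore:
    """In-memory store; a real service would keep this state in a shared store."""

    def __init__(self, clock=time.time):
        self._pending = {}  # user_id -> [digest, expires_at, attempts_left]
        self._clock = clock

    @staticmethod
    def _digest(user_id, code):
        # Store a hash tied to the account rather than the raw code.
        return hashlib.sha256(f"{user_id}:{code}".encode()).digest()

    def issue(self, user_id):
        code = f"{secrets.randbelow(10**6):06d}"
        expires_at = self._clock() + CODE_TTL
        self._pending[user_id] = [self._digest(user_id, code), expires_at, MAX_ATTEMPTS]
        return code  # sent out of band only, never placed in the HTTP response

    def verify(self, user_id, code):
        # user_id must come from the server-side login session, not the request body.
        entry = self._pending.get(user_id)
        if entry is None:
            return False
        digest, expires_at, _ = entry
        if self._clock() > expires_at:
            del self._pending[user_id]
            return False
        entry[2] -= 1  # count the attempt before comparing
        ok = hmac.compare_digest(digest, self._digest(user_id, code))
        if ok or entry[2] <= 0:
            del self._pending[user_id]  # single use, or guess budget exhausted
        return ok
```

Because the pending entry is deleted on success and when the guess budget runs out, a replayed code, a code issued to another account and a long run of guesses all fail the same way.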
