Popular posts from this blog
How I bypassed 2-Factor Authentication in a bug bounty program
Hello readers,
This post is about one of my recent findings in a private bug bounty program on HackerOne.
For the sake of privacy, let’s call the site bountyplease.com.
According to the bountyplease.com scope, they are more interested in authentication-related issues.
So I decided to test their 2-Factor Authentication mechanism.
In the normal 2-Factor Authentication flow, the process works in the following steps.
1. User logs in to the account by providing a valid email and password
2. A valid OTP is sent to the user's registered number
3. User fills in the OTP
4. Login successful
But if a user loses their phone or SIM card, the process works in the following steps.
1. User logs in to the account by providing a valid email and password
2. User selects other options
3. User provides backup codes
4. Login successful
In both of the cases described above, there is also a code flow as follows.
1. User logs in to the account by providing a valid email and password
2. At this stage bountyplease.com displays a page to submit the 2FA code sent to p…
Lord of the root CTF walkthrough
Hi guys, today we will walk through the Lord of the root CTF challenge. You can find this interesting challenge here. As stated by the author, our goal is to root the box and find the flag.txt file, so let's start ;)
As always, our first task is to do strong enumeration, so let's start with nmap to check for the different services and ports running on the target machine.
Nmap shows only port 22 is open. Let's access it and see if we get any hint to move further.
Basically, it gives us a hint for port knocking on ports 1, 2, 3. There are many ways to do port knocking, but we will use the following simple shell script.
Let's run this script for our target IP and ports.
After that, let's run nmap again and check for open ports.
As a result of port knocking we got another open port, i.e. port 1337. Sounds good? Let's access it.
So now let's run nikto to get some juicy information about the target.
But unfortunately nikto shows nothing important. Next I checked the source code for further hi…