Mirrors/hacktricks

mirror of https://github.com/carlospolop/hacktricks synced 2024-11-15 09:27:32 +00:00

CPol 2e5398ac23

GitBook: [master] 7 pages and 2 assets modified

2021-06-27 15:43:01 +00:00

1.4 KiB

Raw Blame History

Registration Vulnerabilities

Takeover

Duplicate Registration

Try to generate using an existing username
Check varying the email:
- uppsercase
- +1@
- add some some in the email
- special characters in the email name %00, %09, %20
- Put black characters after the email: test@test.com a
- victim@gmail.com@attacker.com
- victim@attacker.com@gmail.com

Username Enumeration

Check if you can figure out when a username has already been registered inside the application.

Password Policy

Creating a user check the password policy check if you can use weak passwords.
In that case you may try to bruteforce credentials.

SQL Injection

****Check this page to learn how to attempt account takeovers or extract information via SQL Injections in registry forms.

Oauth Takeovers

{% page-ref page="oauth-to-account-takeover.md" %}

SAML Vulnerabilities

{% page-ref page="saml-attacks/" %}

Change Email

when registered try to change the email and check if this change is correctly validated or can change it to arbitrary emails.

More Checks

Check if you can use disposable emails
Long password >200 leads to DoS
Check rate limits on account creation
Use username@burp_collab.net and analyze the callback