Author: Haider Ali
-
From Cross-Subdomain Cookie Reuse to Becoming Super Admin: An Exploit Chain Walkthrough
Hey there! A few days ago, while performing a penetration test on one of our client’s applications, our team encountered a scenario that’s definitely worth sharing. It involved cross-subdomain cookie reuse, which, when…
-
OAuth-Based CSRF: Exploiting The Flaw In Implementation Of State Parameter
Hey there! A few days ago, while doing penetration testing on one of the assets of our client, our team came across a scenario that is worth sharing. It was an OAuth-based CSRF that…