Story Of Pre-Account Takeover via 0auth Misconfiguration

Hello guys,

Today I am going to share one of my interesting findings on the private program . Since this is on a private program so I will be using it as target.com .

Let’s get started. I picked one of the subdomain a.target.com and there is a registration page to create a new account. There is an option that you can also signup using OAuth. So, I created one account using email. After that, It asked for the verification which i recieved on the email.

Then suddenly i thought why not sign up from the same email through google 0auth.

Boom i got my account created without any verification and then I tried to sign in using the same email and the verification got bypassed. Which makes it vulnerable to pre-account takeover via 0auth misconfiguration.

Some companies paid nothing. Some companies pays $$$

I hope you learned something new from this blog. I will write more of my findings soon so, stay tuned for my next write-up.

Thank you for reading it 😊

Linkedin : https://www.linkedin.com/in/devansh-chauhan-b36b6a1b1