This time I have for you more than one bug bounty report. It’s three reports in total, but all of them affect the same functionality and are tightly correlated. They led to an auth bypass and account takeovers on Shopify by exploiting the email confirmation flow.

Report links:
https://hackerone.com/reports/791775
https://hackerone.com/reports/796808
https://hackerone.com/reports/796956

Hacker:
https://hackerone.com/ngalog
https://twitter.com/ngalongc

Reconless channel:
https://www.youtube.com/channel/UCCp25j1Zh9vc_WFm-nB9fhQ

Follow me on twitter:
https://twitter.com/gregxsunday

Timestamps:
00:00 Intro
00:33 verifying someone’s email address
01:28 exploiting email confirmation vulnerability
02:06 first fix
03:50 limited impact and third report
05:20 escalating the impact

#auth #bypass #shopify #hackerone #ato #account #takeover