Improper phone number validation to account takeover

  1. Visit the signup page:
  2. Enter any Russian phone number; you can get one from receive-sms-online.
  3. Intercept the request and change the number to your own; you will receive a call with the OTP.
  4. Input this OTP, turn intercept on, click Verify, and change the country code and number again.
  5. You're logged in as the Russian number's user. The same works with Login.
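
The flaw behind these steps, as an added example that is not part of the original post: a verify handler that checks only the OTP and trusts the phone number in the verify request, next to one that binds the OTP to the number it was issued for. The `OtpStore` class, its method names, the session ids and the phone numbers are constructed for illustration, and the server behaviour is an assumption inferred from the steps above.

```python
import hmac
import secrets


def normalize(phone):
    """Reduce a number to '+' followed by digits so comparisons are exact."""
    return "+" + "".join(ch for ch in phone if ch.isdigit())


class OtpStore:
    """In-memory stand-in for the signup/login OTP backend (hypothetical)."""

    def __init__(self):
        # session id -> (number the OTP was actually sent to, code)
        self._pending = {}

    def issue(self, session_id, phone):
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending[session_id] = (normalize(phone), code)
        # A real service hands the code to the call/SMS gateway only;
        # it is returned here so the example can run offline.
        return code

    def verify_weak(self, session_id, claimed_phone, code):
        """Flawed: validates the code, then logs in whatever number the
        verify request carries."""
        entry = self._pending.get(session_id)
        if entry and hmac.compare_digest(entry[1], code):
            return normalize(claimed_phone)
        return None

    def verify_bound(self, session_id, claimed_phone, code):
        """Hardened: identity comes from server-side state, a number that
        differs from the issued one is rejected, and the code is single-use."""
        entry = self._pending.pop(session_id, None)
        if entry is None:
            return None
        issued_phone, expected = entry
        if normalize(claimed_phone) != issued_phone:
            return None
        if not hmac.compare_digest(expected, code):
            return None
        return issued_phone
```

The same binding applies to the request that triggers the OTP: the delivery number and the account number must be one server-side value, not two client-supplied fields.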



