Registration Form

PreviousBypass 302 NextEmail Verification Bypass

Last updated 16 days ago

Registration Form

Business Logic

Try to register with the email example@target.com. Sometimes these accounts have special privileges such as no rate limiting and bypass certain verifications.

Impersonation

Register twice using the same data but changing the sign-up component.

The victim’s account could be hijacked if the application allows resetting the password based on one of the sign-up components.

POST /newaccount HTTP/1.1
...
email=victim@mail.com&password=1234

After sign up using victim email, try signup again but using different password

POST /newaccount HTTP/1.1
...
email=victim@mail.com&password=hacked

The attacker may impersonate the victim by using his data from another account.
The victim’s data can be removed entirely from the database or replaced with new ones entered by the attacker.

Username and other sensitive data such as document number, phone number, personal identification number, International Bank Account Number, etc., must be linked to the existing account and blocked from being used again.

Spoofing

Register twice using: the same email | + |. |uppercase|unicode.

The attacker could smuggle messages to the victim based on the registration form, which could help in a phishing campaign.
A victim’s mailbox can be flooded with vast amounts of email messages. Asa result, the mail server can place messages from the target domain in the spam or block them entirely from delivery.
An attacker could get registration bonuses multiple times.

SSTI

In name field:

"{{7*7}}<img>
"">{{7*7}}<img>"

XSS

{{constructor.constructor('alert(`XSS`)')()}}

Fake Informations

Username

Phone

Receive SMS

Address

Interesting Books

Disclaimer: As an Amazon Associate, I earn from qualifying purchases. This helps support this GitBook project at no extra cost to you.

PreviousBypass 302 NextEmail Verification Bypass

Last updated 16 days ago