Account Takeover | writeups.xyz

Title	Vulnerabilities	Programs	Authors
How Abusing AWS CloudFormation Led to a Total Takeover of an AWS Environment	Cloud Information Disclosure Privilege Escalation Account Takeover	Undisclosed	Matthew Keeley (@Nightbanes)
How i was able to get Account Takeover via Insecure Data Storage and WebView With Exported Activity	Account Takeover Android Webview Insecure Data Storage Firebase	Undisclosed	Mohamed Reda (@M0x0101)
How I get 1000$ bounty for Discovering Account Takeover in Android Application	Account Takeover Android Client-Side Enforcement of Server-Side Security OTP Bypass	Undisclosed	Amol Bhavar
SSO Gadgets II: Unauthenticated Client-Side Template Injection to Account Takeover using SSO Gadget Chain	CSTI Account Takeover SSO OIDC	Undisclosed	Lauritz Holtmann (@_Lauritz_)
Bug Writeup: Stored XSS to Account Takeover (ATO) via GraphQL API	Stored XSS CSP Bypass Account Takeover GraphQL	Undisclosed	Peter M (@Pmnh_)
A Classical Account Takeover Case via Multiple Bypasses	Account Takeover Password Reset Host Header Injection URL Validation Bypass	Undisclosed	Kamil Onur Özkaleli (@Ko2sec)
Account Takeover: Unraveling IDOR + Stored XSS Flaws in an NFT Marketplace	IDOR Stored XSS Account Takeover	Undisclosed	Pratik Yadav (@PratikY9967)
ServiceNow Insecure Access Control To Full Admin Takeover	Broken Access Control Privilege Escalation Account Takeover	ServiceNow	Rezk0n (@Rezk0n)
How I Hacked Scopely and Got $$$	Self-XSS Clickjacking Account Takeover	Scopely	Aryan W13DOM (@NeuRosis23)
nOAuth: How Microsoft OAuth Misconfiguration Can Lead to Full Account Takeover	OAuth Account Takeover	Microsoft (Azure AD)	Descope (@Descopeinc)
Unleashing the Cloud: A Journey into Hacking College Servers and Uncovering Security Vulnerabilities	Authentication Bypass Account Takeover DoS Privilege Escalation	Undisclosed	Smukx (@Smukx07)
From Bug Bounty Hunter to Risk Analyst: My Cybersecurity Journey at Deloitte	Account Takeover	Deloitte	Himanshu Pdy (@Himanshu_pdy)
Abusing Client-Side Desync on Werkzeug	Client-Side Desync Attack HTTP Request Smuggling Account Takeover Open Redirect XSS	Werzeug	Mizu (@Kevin_mizu)
Compromising Honda’s power equipment / marine / lawn & garden dealer eCommerce platform through a vulnerable password reset API	Password Reset Broken Access Control Account Takeover	Honda	Eaton Z. (@XeEaton)
How I was able to get account takeover via IDOR form JWT	JWT IDOR Bruteforce Self-XSS Account Takeover	Undisclosed	Mohamed Reda (@M0x0101)
Turning a 50$ Tab-Nabbing vulnerability into a 1000$ Account takeover	Reverse Tabnabbing Stored XSS Self-XSS Account Takeover	Undisclosed	Malek Mohamed (@MalekMohamed0)
Breaking TikTok: Our Journey to Finding an Account Takeover Vulnerability	XSS Account Takeover OAuth	TikTok	Mrhavit Const
Rate Limit Bypass Leads to 0 Click ATO	Rate Limiting Bypass Bruteforce Password Reset Account Takeover	Undisclosed	ZeroXUF (@ZeroXUF)
Critical vulnerability on TP-Link service or how I got 0$	Account Verification Bypass IDOR Information Disclosure Account Takeover	TP-Link	Serj Novoselov (@Novoselov_s)
Hunting For Password Reset Tokens By Spraying And Using HTTP Pipelining	Password Reset Account Takeover	Undisclosed	Tom Neaves
Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services	OAuth Account Takeover	Expo Codeacademy.com	Aviad Carmel (@AviadCarmel)
Official extension spoofing attacks: when trusted add-ons are not so trusted	Extension Spoofing Account Takeover XSS	Undisclosed	Yesenia Trejo (@Yess_2021xD)
From GitHub To Account Takeover: Misconfigured Actions Place GCP & AWS Accounts At Risk	Account Takeover Cloud OIDC CI/CD	Undisclosed	Rezonate
Subdomain Takeover leading to Full Account Takeover	Subdomain Takeover Account Takeover ASP.NET	Undisclosed	Hacktus (@H4cktus) DreyAnd (@Dreyand_)
Privilege Escalations through Integrations	Privilege Escalation Amazon Cognito Misconfiguration JWT Account Takeover	Undisclosed	Colin McQueen

Page 4 of 22