当前位置:网站首页>Email authentication bypass
Email authentication bypass
2022-06-23 03:08:00 【Khan security team】
What is email Authentication :
When you create an account then it ( account ) Want you 6 Bit code or 4 Bit code , Some people think so . Then you enter this code , Your email verification has completed successfully , You are now in your account .
But how to bypass the verification code ?
Now let's start , First , You create your account , You can type 6 Bit unknown / Random code , Because you can see that the code is invalid or someone thinks it is . Now you can use burp Request a response and change all errors l success , Invalid is valid and change the status code 403 un. To 200 OK And forward , Now it's easy to bypass your random verification code :)
Copy steps :
1. Create your account
2. Enter any code and click validate ( You can see that the code is invalid )
3. open burp Kit , Intercept request response
4. change
403 The United Nations .— ->200 normal
error ——-> success
Invalid code ——-> Valid code
5. Now forward and bypass your random code :)
边栏推荐
- DDoS attack under Kali
- Learning records - things inherited by subclass parent of C #
- 1 approved, edit again
- Redis source code reading (I) general overview
- How does easyplayer embed a video snapshot into a demo?
- How to gracefully solve the problem of platform font adaptation
- Cve-2021-4034 reappearance
- Learning record -- memo on constructors and attributes in C
- New uniapp+uniui background management uniuadmin
- Great WPF open source control library newbeecoder UI
猜你喜欢
6. template for integer and real number dichotomy
Vulnhub DC-5
Soft exam information system project manager_ Contract Law_ Copyright_ Implementation Regulations - Senior Information System Project Manager of soft exam 030
8. greed
How to store, manage and view family photos in an orderly manner?
Soft exam information system project manager_ Information system comprehensive testing and management - Senior Information System Project Manager of soft test 027
5. concept of ruler method
随机推荐
How to use fortress on mobile devices
Xiamen's hidden gaopuge smart park has finally been uncovered
The metauniverse is just a cloak for future technological evolution
Detailed explanation of label smoothing and implementation of pytorch tenorflow
JS event bubble and event capture
CFS After the CHM file is opened, the hyperlink content cannot be loaded and blank is displayed
Free upgrade of 2-core 2GB for old generation 1-core 2GB machines below standard S5 and SA2
Reinforcement learning series (III) -gym introduction and examples
The difference between the use of return, break and continue in the if statement in JS
PHP composer yii2 installation
Network security memorabilia - Summary of vulnerability exploitation events in 2021
PNAs: power spectrum shows obvious bold resting state time process in white matter
Dynamic filling of drop-down box with micro overlap
Reading redis source code (V) master-slave replication and sentinel mechanism
The performance of the new Tokio scheduler is improved by 10 times
How does easyplayer embed a video snapshot into a demo?
2022-01-25: serialize and deserialize n-ary tree. Serialization means that a
Weekly Postgres world news 2022w03
2022-01-30: minimum good base. For a given integer n, if K (k) of n
Vulnhub DC-5