🙄
p1k4chu@p1k4chu-host
  • About Me
  • Tools
    • Defensive Tools
      • H0neyTr4p
    • Offensive Tools
      • Ransomware Simulator - PyRan
  • Security Research
    • AI Security Research
      • Attacking using (and defending against) Input manipulation attacks against AI
      • (Ab)using AI to attack M365 and other services to conduct plethora of attacks
    • Cloud Security Research
      • Azure Storage Account Security - Attack & Defend: Part 1
      • Attack and Defend Azure Serial Console - Part 1
      • Azure Serial Console Attack and Defense - Part 2
    • Adversarial Tradecraft Research & Detection
      • RDP Exfil - The technique that works almost every time
      • Smishing Traid targets India with large scale "India Post" themed iMessage phish texts
      • Quick Assist: Friend or Foe? How adversaries can exploit this tool and how can you defend?
      • EDR Silencer - Embracing the Silence
      • Dissecting & Detecting Lsass Shtinkering
      • Detecting malicious OOB: Part -1: Hunting for OOB server - Interact.sh
      • Abusing Windows VPN for EXFIL
      • Analyzing Nobelium's HTML Dropper - EnvyScout
    • Web & Mobile App Sec
      • [CVE-2015-2300] ENL-Newsletter CSRF Full Disclosure
      • Yandex Mobile App vulnerable to Insecure Data storage
      • Bug on paypal worth 1000$
      • Session fixation bug on coinbase.
      • CyanogenMod (In)Secure Folder Lock !
  • Security Talk
    • Review of CRTP - Pentester Academy
    • Review of Hacking and Securing Kubernetes
Powered by GitBook
On this page

Was this helpful?

  1. Security Research
  2. Web & Mobile App Sec

Bug on paypal worth 1000$

PreviousYandex Mobile App vulnerable to Insecure Data storageNextSession fixation bug on coinbase.

Last updated 1 year ago

Was this helpful?

********

This is an older post (written around ~2015) and ported from my old blog. Please excuse if there are any mistakes or inaccuracies. If you find any issues, please head over to the home page > contact me. Thanks.

********

Hello Folks, Hope your having a wonderful time.. I’m here today to blog about an issue i found and reported in Paypal’s Website as a part of their Bug bounty program. The Vulnerability was Captcha Bypass on the domain “ www.paypal.com”

Description :- The bug was very simple, There was a feature called “resend-email” after we request an email to reset the password and unfortunately(for paypal) and fortunately(for me) the resend email feature lacked the rate limiting protection and abusing the same i was able to bypass the captcha. Actually it was not a complete bypass of captcha, it was indirect bypass by abusing a feature of paypal.

Here is a video demonstrating the Proof Of Concept. https://vimeo.com/86767236 Password for the video is :- letmein_1234

Hope you’ve enjoyed my writeup.

It’s a pretty short one but since it’s my first i guess i’ve some time to improve my blogging skills ;)

I look forward to share some more of my findings here. Just stay tuned :)

This was one of the bug i’ve reported to paypal and there are several other’s which i’ll be sharing i the mere future :)

Reward :- 1000$, Hall of Fame entry ! :)

Bye ! :)

https://vimeo.com/86767236
Logo