$37,500 Shopify auth bypass - Hackerone

preview_player
Показать описание


This time I have for you more than one bug bounty report. It's three reports in total but all of them affect the same functionality and are tightly correlated. They led to the auth bypass and account takeovers on Shopify and exploited email confirmation flow.

Report links:

Hacker:

Reconless channel:

Follow me on twitter:

Timestamps:
00:00 Intro
00:33 verifying someone's email address
01:28 exploiting email confirmation vulnerability
02:06 first fix
03:50 limited impact and third report
05:20 escalating the impact

#auth #bypass #shopify #hackerone #ato #account #takeover
  1. Bug Bounty Reports Explained
  2. bug bounty
  3. bug
  4. bounty
  5. vulnerability
  6. hackerone
Рекомендации по теме
$37,500 Shopify auth 0:07:22

$37,500 Shopify auth bypass - Hackerone

Do you want 0:00:16

Do you want to better your life? #philippines #angelescity #expat #pampanga #travelvlog

2020 Top Hacker 0:04:37

2020 Top Hacker H13- Thank You

Doppler Email Spoofing 0:01:37

Doppler Email Spoofing Vulnerability Bug Bounty PoC

Bypass Access Panel 0:01:17

Bypass Access Panel POC | Unauthorized access to employee panel with default credentials Bug Bounty

Printing Mistake by 0:00:23

Printing Mistake by RBI - Funny Currency Note dispensed by ATM.

$900 Bounty for 0:01:37

$900 Bounty for IMPROPER ACCESS CONTROL-GENERIC Vulnerability | BUG BOUNTY

How to find 0:09:24

How to find Bugs in Authentication as a Bounty Hunter - 5 Critical Flaws

$650 bugbounty | 0:09:12

$650 bugbounty | stored xss at semrush | bug bounty poc | detailed xss poc | #bugbountypoc #hackers

Ducky first meeting 0:00:20

Ducky first meeting with his wife aroob jatoi#makhan

Oauth Misconfiguration Poc 0:02:37

Oauth Misconfiguration Poc || Bug Bounty Poc#3 ||

External Service Interaction 0:01:37

External Service Interaction | Bug Bounty POC | Lazy Pentester

Bug Bounty POC: 0:00:37

Bug Bounty POC: Long password to dos attack | aalst.be

Approach to find 0:07:02

Approach to find Insecure deserialization | Exploitation | #cyberUF

XSS Imageboss | 0:00:37

XSS Imageboss | Bug Bounty 2020

Information Disclosure 4 0:08:47

Information Disclosure 4 | Authentication Bypass via Information Disclosure #portswigger

HI THIS IS 0:48:45

HI THIS IS URGENT PLZ FIX ASAP: Critical Vulnerabilities And Bug Bounty Programs

Spotify PUBLICIS Admin 0:01:37

Spotify PUBLICIS Admin Account Takeover due to Weak Password | Bug Bounty POC

How to Protect 1:01:05

How to Protect Your Online Business from Fraud in the Caribbean

Hackerone hacktivitycon ( 0:03:35

Hackerone hacktivitycon ( hacktivity con) CTF OPA Security flag solution writeup 2021 #hacktivitycon

Real World Hacking 1:22:28

Real World Hacking Tools Tutorial (Target: Tesla)

$0 to $1,000,000 1:15:51

$0 to $1,000,000 Challenge Documentary - Week 2 - Growing a Shopify Store To $1M From Scratch

Integrate FusionAuth SSO 0:33:45

Integrate FusionAuth SSO with MongoDB Realm JWT User Authentication using HMAC-SHA256 Shared Secret

Fraud Protection Solution 0:01:37

Fraud Protection Solution to Secure Your Online Business on ThirtyBees

Комментарии
Автор

Welcome to the comment section!
First, thanks for watching!

Make sure you are subscribed if you liked the video!

Follow me on twitter:

✉️ Sign up for the mailing list ✉️

☕️ Support my channel ☕️

🖥 Get $100 in credits for Digital Ocean 🖥

BugBountyReportsExplained
Автор

Love this format of content! I can tell you put a lot of effort into this

CommitSNIPS
Автор

Your videos are simple to understand and awesome.

firewallguy
Автор

subscribed after just watching two vids, amazing content

rodrigomolinagarrido
Автор

Please make more such vedios ... It's really helpful ... Thanks

_rudra_raj_
Автор

Nice contents sir! Already subscribed. Hoping that you upload more videos🥳

bughunter
Автор

This guy looks like every teenage bully in cartoons

rhyswoolcott
Автор

This is crazy🔥 i was looking for bug on account 2fa system at shopify but didn't got anything

gustialfian
Автор

New sub here, really amazing content. I love your videos❤️

tigerarabia
Автор

Hi, I have a few questions, I would be grateful if anyone could answer my queries
1) How would the hacker know about the new accounts which have not been confirmed? I am assuming that the confirmation is for new accounts, not for old ones correct me if I am wrong.
2) How did the hacker got to know about the merge accounts path/url?
3) Can't shopify disable/remove the change email id link while confirmating an account?

mohits
Автор

hey man! Thanks for this information.. keep it up i'm your new subscriber :)

_____m________
Автор

That was really generous of shoppify team to reward bounty While on the other hand there have been many cases from multiple different programs where the vulnerability was patched and hacker wasnt even rewarded once

LOL-qjkw
Автор

New sub here, please do create more vids like this😎

carljustinemosquida
Автор

But what we will do if the program says how will you get access to the attackers account for changing email address

meetsodha