No rate limit for confirmation email leads to email flooding | app.segment.com | POC

Description
No rate limit is enforced on sending the confirmation email. An attacker can use this vulnerability to flood the victim's email inbox with confirmation emails.

Steps to reproduce

Set up Burp Suite with the browser.
Visit the forgot page.
Enter the victim's email, intercept the request, and send it to Repeater/Intruder to repeat the request in a loop.
You can now send the same request again and again.
Check the email inbox; it will be flooded with confirmation emails.

How to fix
Rate limiting should be implemented on the request that sends the confirmation email.
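
One way to implement that fix, as an added example that is not code from the video or from Segment: a sliding-window limiter applied per client IP and per recipient address, so that rotating source IPs still cannot flood one inbox. The class names, the limits (10 requests/minute per IP, 3 mails/hour per recipient) and the `send` callable are assumptions, and state is kept in process memory where a real deployment would use a shared store.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """Allow at most `limit` events per key in any `window`-second span."""

    def __init__(self, limit, window, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window, clock
        self.events = defaultdict(deque)  # key -> timestamps of counted events

    def allow(self, key):
        now = self.clock()
        q = self.events[key]
        while q and now - q[0] >= self.window:  # forget expired events
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


class ConfirmationMailer:
    """Hypothetical handler for the request that triggers the email."""

    def __init__(self, send, clock=time.monotonic):
        self.send = send  # callable that actually delivers the mail
        # Assumed policy: 10 requests/minute per IP, 3 mails/hour per recipient.
        self.per_ip = SlidingWindowLimiter(10, 60, clock)
        self.per_recipient = SlidingWindowLimiter(3, 3600, clock)

    def handle(self, email, client_ip):
        """Return (http_status, mail_sent)."""
        if not self.per_ip.allow(client_ip):
            return 429, False  # noisy client: reject outright
        # Normalise so case or whitespace variants share one bucket.
        recipient = email.strip().lower()
        if not self.per_recipient.allow(recipient):
            # Same 200 as a real send, but no mail: the victim's inbox stays
            # protected even when requests arrive from many IPs.
            return 200, False
        self.send(recipient)
        return 200, True
```
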

I'm Umair Farooqui, a passionate software engineer and security researcher dedicated to uncovering vulnerabilities in systems worldwide. With a strong background in ethical hacking, I delve into the intricacies of cybersecurity to safeguard digital infrastructures.

🔍 *Hacking Experience:*

I specialize in discovering and responsibly disclosing critical security issues. My portfolio includes successful hacks and disclosures impacting renowned organizations such as NASA and Paytm, earning recognition and appreciation for enhancing their security postures.

🎥 *YouTube Channel:*

On my YouTube channel, I share Proof of Concept (PoC) videos where I demonstrate how vulnerabilities were identified and exploited. Each video provides insights into the techniques used and the impact on security.

*Note:* All content shared on this channel is for educational purposes only.

Join me in exploring the world of cybersecurity, one vulnerability at a time! Let's secure the digital landscape together. 💻🛡️