Password Reset

  • I was testing for ATO via reset function . Tried all method but no success. My friend@Tabnexa gave me tip to add double Host in request while requesting password Host: http://site.com Host: http://evilsite.com Boom it worked

  • Password reset poisoning -

https://twitter.com/fatrat_v2/status/1274387798338891776?s=20
PreviousMobileNextWeb Cache

Last updated