OAUTH Misconfiguration - OAUTH - Tutorial Boy -->
Home

OAUTH Misconfiguration - OAUTH


Hello Team,

Description:

OAuth is a functionality used by a user for easy sign-up or login on your domain. In this account, the attacker can easily control the victim’s account if the victim uses OAUTH functionality.

Replication Steps:

    (ATTACKER PHASE)

  1. Make an account with the victim’s email address and set a password.
  2. Now you have access to the victim’s account through a password and email id.

    3. (VICTIM COMES )

  3. The victim will create an account through google OAuth functionality.
  4. Thus, the victim is not required to set a password.

    5. (EXPLOIT)

  5. You can access the victim's account through a password you set in the attacker phase.
  6. So, you can use a victim account whenever you want!

MITIGATION:

  • Allow only OAuth sign up or Email address Sign up.
  • I have attached PoC for your ready reference.

    • Thank you