📧NO RATE LIMIT

Captcha bypass tips

- Try changing the request method
- Remove the captcha param from the request
- Leave the param empty
- Fill in a random value

POC

1) Capture the forgot-password POST request (the one that sends the email).

2) Send the request to Intruder and choose Sniper mode.

3) Set the payload position on any header, e.g. Any-Header=0.§5§ (the § markers delimit the Intruder payload position).

4) Set the payload:
Payload set: 1
Payload type: Numbers
Type: Sequential
From: 1
To: 50
Step: 1

5) Click Start Attack.

6) All 50 responses come back with HTTP 204, which means all 50 requests hit the server. Then check the inbox.
Via email parameter:

1) Click on an email-sending feature (e.g. forgot password).

2) Enter an email address and intercept that request.

3) Send it to Intruder and select the 'your email' parameter as the injection point.

4) Paste your email address into the payload list 100 times.

5) Start the attack; you will receive 100 emails.
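As the defender's counterpart to both procedures above, here is an added example (not from the original page) of a forgot-password handler that enforces sliding-window limits per target address and per client IP, and rejects the captcha bypasses listed at the top. `verify_captcha` and `VALID_CAPTCHA_TOKENS` are constructed stand-ins for the captcha provider's server-side verification call; the in-memory limiter is an assumption, a real deployment would share the counters in Redis or similar across app instances.

```python
import time
from collections import defaultdict, deque

# Constructed stand-in for the captcha provider's server-side verify call.
# A real endpoint would POST the token to the provider and check its answer.
VALID_CAPTCHA_TOKENS = {"captcha-ok-1"}

def verify_captcha(token):
    return token in VALID_CAPTCHA_TOKENS

class SlidingWindowLimiter:
    """Allow at most `limit` events per key within the last `window` seconds."""
    def __init__(self, limit, window):
        self.limit, self.window = limit, window
        self._hits = defaultdict(deque)   # key -> timestamps of recent events

    def allow(self, key, now=None):
        now = time.monotonic() if now is None else now
        q = self._hits[key]
        while q and now - q[0] >= self.window:   # drop hits outside the window
            q.popleft()
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True

class ForgotPasswordEndpoint:
    def __init__(self, per_email=3, per_ip=10, window=3600):
        self.per_email = SlidingWindowLimiter(per_email, window)   # one inbox
        self.per_ip = SlidingWindowLimiter(per_ip, window)         # one client
        self.sent = []   # addresses actually handed to the mailer

    def handle(self, email, client_ip, captcha_token, now=None):
        """Return an HTTP status; 204 never reveals whether the address exists."""
        # Missing, empty, or unverifiable captcha token: reject before any work.
        if not captcha_token or not verify_captcha(captcha_token):
            return 400
        if not self.per_ip.allow(client_ip, now):
            return 429
        if not self.per_email.allow(email.strip().lower(), now):   # normalise key
            return 429
        self.sent.append(email)   # only here does an email leave the system
        return 204

def simulate_burst(n, email="victim@example.com", client_ip="203.0.113.5",
                   token="captcha-ok-1"):
    """n identical requests in one second; returns (#204, #429, emails sent)."""
    ep = ForgotPasswordEndpoint()
    statuses = [ep.handle(email, client_ip, token, now=1000.0 + i * 0.01)
                for i in range(n)]
    return statuses.count(204), statuses.count(429), len(ep.sent)
```

With the defaults, a burst of 50 requests for one address yields three emails and 47 HTTP 429 responses instead of 50 emails.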

IMPACT:

If you use an email-service API or another tool that charges you per email, this kind of attack can cause financial loss. It can also slow down your services and consume a large amount of storage in the sent-mail folder. Users affected by this vulnerability may stop using your services, which is a business risk.
