Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

How did I earned 6000$ from tokens and scopes in one day- 653

Corraldev, posted 4 years ago
  • While testing the JWT functionality of a private program, the author found a lot of interesting functionality. One feature of the application is that you can invite users to a group and then change their account's privileges/scopes.
  • As a regular user, you can set the permissions used in the scopes of the JWTs. Since there is a fine-grained permission model, this makes complete sense.
  • After reading a bunch of JavaScript on the page, the author noticed that a few scopes were not offered in the edit-user-privileges UI but were still present in the page: company:support and company:operations.
  • By simply sending the request to add users with these scopes, the new user could be added with the company JWT scope. Looking back at the JavaScript, there were several API calls intended for employees only; calling them with the new scope resulted in compromise of the application.
  • This issue existed both in API key creation and in the invite-users-to-group functionality. It is a good example of a sound security concept (fine-grained scopes) undermined by a missing server-side check on which scopes a user is actually allowed to grant.
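The root cause in the write-up is that the invite endpoint minted a JWT containing whatever scopes the client asked for. The following is an added example, not code from the original post or the affected program, contrasting that pattern with a server-side allow-list: a scope may be granted only if it is on the list of UI-grantable scopes and the inviter holds it too, and the employee-only scopes named above are rejected outright. The scope names group:read, group:write and billing:view, the signing key, and the function names are assumptions made for the example; the JWT encoder is a minimal stdlib HS256 implementation so the example runs offline.

```python
import base64
import hashlib
import hmac
import json

# Constructed secret for this example only; a real service would load it from a KMS or env var.
SIGNING_KEY = b"example-signing-key-not-for-production"

# Scopes a group admin may hand out through the edit-privileges UI (hypothetical names).
GRANTABLE_SCOPES = frozenset({"group:read", "group:write", "billing:view"})

# Employee-only scopes named in the write-up; they must never be reachable from the invite path.
INTERNAL_SCOPES = frozenset({"company:support", "company:operations"})


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def issue_jwt(subject: str, scopes: list[str]) -> str:
    """Minimal HS256 JWT encoder (stdlib only)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    claims = {"sub": subject, "scope": " ".join(sorted(scopes))}
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signing_input = f"{header}.{payload}".encode("ascii")
    sig = hmac.new(SIGNING_KEY, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"


def scopes_of(token: str) -> set[str]:
    """Verify the signature and return the scope set of a token produced by issue_jwt."""
    header, payload, sig = token.split(".")
    expected = hmac.new(SIGNING_KEY, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(_b64url(expected), sig):
        raise ValueError("bad signature")
    padded = payload + "=" * (-len(payload) % 4)
    claims = json.loads(base64.urlsafe_b64decode(padded))
    return set(claims["scope"].split())


def invite_vulnerable(inviter_scopes: set[str], invitee: str, requested: list[str]) -> str:
    """The pattern from the write-up: the server trusts whatever scopes the client sends."""
    return issue_jwt(invitee, requested)


class ScopeEscalation(Exception):
    """Raised when an invite asks for scopes the inviter may not grant."""


def invite_hardened(inviter_scopes: set[str], invitee: str, requested: list[str]) -> str:
    """Server-side allow-list: grant a scope only if it is UI-grantable and the inviter
    holds it. Internal scopes are rejected explicitly so the check fails closed even
    if GRANTABLE_SCOPES is edited later."""
    wanted = set(requested)
    rejected = (wanted - GRANTABLE_SCOPES) | (wanted - inviter_scopes) | (wanted & INTERNAL_SCOPES)
    if rejected:
        # Worth logging: a non-employee requesting company:* is a strong detection signal.
        raise ScopeEscalation(f"refused scopes {sorted(rejected)} for invitee {invitee}")
    return issue_jwt(invitee, sorted(wanted))


if __name__ == "__main__":
    admin = {"group:read", "group:write", "billing:view"}  # constructed inviter
    tok = invite_vulnerable(admin, "alice", ["group:read", "company:support"])
    print("vulnerable path granted:", sorted(scopes_of(tok)))
    try:
        invite_hardened(admin, "alice", ["group:read", "company:support"])
    except ScopeEscalation as exc:
        print("hardened path:", exc)
```

The check is deliberately expressed as three set differences so each failure reason (not grantable, not held by the inviter, internal) is visible in the log line; the same function should sit behind the API-key creation path, since the write-up notes both entry points shared the flaw.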