Phone Number Verification Bypass in Twitter – Bug Bounty POC
Hello Bug Bounty POC Viewers . I am Bharat Sewani and today i’ll share one of my old finding on twitter.com that how i found phone number verification bypass in twitter.The Impact of this vulnerability was to Bypass verification of User registerd Phone no. on Twitter.My this Bug was Duplicate so not got Any Award for this.,but just for educational and learning Purpose i decided to share this bug with you all.
Steps to Reproduction :
1- Using twitter.com when we sign Up and go to following URL https://twitter.com/settings/add_phone for Activating our phone no.
2- Now Add your Phone no here. and it Send us a Twitter Confirmation Code.
3- now we add the verification code, which we got on our phone, so it’s Activate our Account.
I’m Submitting the snapshot here as the Proof of Concept..