Phone Number Verification Bypass in Twitter

Phone Number Verification Bypass in Twitter – Bug Bounty POC

Hello Bug Bounty POC viewers. I am Bharat Sewani, and today I'll share one of my old findings on twitter.com: how I found a phone number verification bypass in Twitter. The impact of this vulnerability was a bypass of the verification of a user's registered phone number on Twitter. This bug was marked as a duplicate, so I did not get any award for it, but for educational and learning purposes I decided to share it with you all.

Steps to Reproduce:

1. On twitter.com, after signing up, go to the following URL to activate your phone number: https://twitter.com/settings/add_phone

2. Add your phone number here; Twitter sends a confirmation code to it.

3. Enter the verification code received on the phone; this activates the account.

In this scenario, no limit was set on attempts to verify the confirmation code, so it was easy to add a fake/false phone number. Twitter would send the confirmation code to that number, and an attacker could then launch a brute-force attack on the confirmation code field using their own JavaScript or any other third-party tool. Since the confirmation code is 6 digits, only 1,000,000 combinations are possible, so after enough attempts the correct code would be found and the account activated with a fake/false number. There was also a second vulnerability: Twitter sent the user the same confirmation code every time, and it did not change even after several attempts. So even after a user later changed their phone number, they could still use the old confirmation code to activate the account, even if that old number had been allotted to someone else.
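As an added example (not the author's code or Twitter's implementation), here is the server-side verification logic that would have closed both gaps described above: an attempt cap per issued code, a fresh random code on every issuance, expiry, and binding of the code to the phone number it was sent for. The policy values, class and function names are assumptions.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

MAX_ATTEMPTS = 5         # assumed policy: wrong guesses allowed per issued code
CODE_TTL_SECONDS = 600   # assumed policy: lifetime of an issued code

@dataclass
class PendingCode:
    phone: str       # the number this code was issued for
    code: str
    issued_at: float
    attempts: int = 0

class PhoneVerifier:
    """Server-side check with the controls the post found missing:
    attempt cap, fresh code per issuance, expiry, and binding to the number."""

    def __init__(self, now=time.time):
        self._now = now          # injectable clock so expiry can be tested offline
        self._pending = {}       # user_id -> PendingCode
        self.verified = {}       # user_id -> confirmed phone number

    def request_code(self, user_id, phone):
        # A new random 6-digit code every time; any earlier code is discarded.
        code = f"{secrets.randbelow(1_000_000):06d}"
        self._pending[user_id] = PendingCode(phone, code, self._now())
        return code  # would go to the SMS gateway; returned here for the test

    def verify(self, user_id, phone, submitted):
        p = self._pending.get(user_id)
        if p is None:
            return "no_pending_code"
        if p.phone != phone:
            return "phone_mismatch"  # a code issued for one number never verifies another
        if self._now() - p.issued_at > CODE_TTL_SECONDS:
            del self._pending[user_id]
            return "expired"
        p.attempts += 1
        if p.attempts > MAX_ATTEMPTS:
            del self._pending[user_id]   # lock out: a new code must be requested
            return "locked_out"
        if hmac.compare_digest(p.code, submitted):
            del self._pending[user_id]   # single use
            self.verified[user_id] = phone
            return "verified"
        return "wrong_code"
```

With the cap in place, a guesser gets at most MAX_ATTEMPTS tries per issued code, and each new code is independent of the last, so the 1,000,000-combination search the post describes no longer converges.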


I'm submitting the screenshots here as the proof of concept.

[Screenshots: Phone Number Verification Bypass in Twitter]


6 Responses

  1. Rudra says:

    Nice thought.

  2. Aqeel Asif says:

    Brooo… I also got a duplicate on this issue :'(

  3. Hack_Rider says:

    I got the same issue on the website... soon I will disclose it...
    hope it's not a duplicate 😛

  4. Fuck_OFF says:

    Too many duplicates, even I got this bug!!!
