2. Account Takeover IOS

  1. Methods to find a bug

Steps:

1) create acount
2) login and capture that request
3) now logout and login with wrong  password
4) capture that request
5) now again login with wrong password
6) now intercept and manipulate response
7) if its login it is a bug
Previous1. Sensitive Information disclosure on IOSNext8. Reverse Engineering

Last updated