[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application
Tags
attack-pattern: | Data Credentials - T1589.001 Javascript - T1059.007 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 |
Common Information
Type | Value |
---|---|
UUID | 0c90b839-8ced-4e26-bed1-4fc15ca62220 |
Fingerprint | d5298d8b756338a4 |
Analysis status | DONE |
Considered CTI value | -2 |
Text language | |
Published | Dec. 23, 2024, 4:01 p.m. |
Added to db | Dec. 23, 2024, 6:09 p.m. |
Last updated | Dec. 24, 2024, 11:52 a.m. |
Headline | [$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application |
Title | [$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Application |
Detected Hints/Tags/Attributes | 28/1/14 |
Source URLs
URL Provider
RSS Feed
Details | Id | Enabled | Feed title | Url | Added to db |
---|---|---|---|---|---|
Details | 167 | ✔ | Cybersecurity on Medium | https://medium.com/feed/tag/cybersecurity | 2024-08-30 22:08 |
Attributes
Details | Type | #Events | CTI | Value |
---|---|---|---|---|
Details | Domain | 944 | example.com |
|
Details | Domain | 6 | console.cloud.google.com |
|
Details | Domain | 1 | your-clientid.apps.googleusercontent.com |
|
Details | Domain | 60 | accounts.google.com |
|
Details | Domain | 9 | oauth2.googleapis.com |
|
Details | Domain | 31 | www.googleapis.com |
|
Details | IPv4 | 1578 | 127.0.0.1 |
|
Details | Url | 4 | https://console.cloud.google.com |
|
Details | Url | 3 | https://accounts.google.com/o/oauth2/auth |
|
Details | Url | 4 | https://oauth2.googleapis.com/token |
|
Details | Url | 3 | https://www.googleapis.com/oauth2/v1/certs |
|
Details | Url | 1 | https://example.com/accounts/oauth/applications/id/callback |
|
Details | Url | 67 | https://example.com |
|
Details | Url | 43 | http://127.0.0.1 |