Member-only story

$100-$20k worth Account Takeover Vulnerability | Hidden Practical Steps

Published in

InfoSec Write-ups

4 min readFeb 25, 2025

Hidden methods to find Account Takeover Vulnerability in Bug Bounties

Friend Link | Free Link

Do Follow and Subscribe via mail to get latest writeups and Hidden & Secret Tips and Tricks related to Cybersecurity and Bug Bounty Hunting.

Hi geeks, it4chis3c (Twitter) came-up with another bounty earning write-up in the Bug Bounty Hunting Series:

Bug Bounty Hunting Series

30 stories

Credit: DALL-E

Account Takeover (ATO) vulnerabilities allow attackers to hijack user accounts, often leading to data breaches, financial loss, and reputational damage. For bug hunters, ATO is a goldmine — it’s common, high-impact, and often overlooked.

1. Password Reset Exploits

a. Host Header Injection to Steal Tokens

Step-by-Step:

Intercept the password reset request (Burp Suite).
Inject a custom Host or X-Forwarded-Host header pointing to your server.

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app

Or, continue in mobile web

Sign up with Google

Sign up with Facebook

Sign up with email

Already have an account? Sign in

Published in InfoSec Write-ups

Last published 4 hours ago

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

Written by It4chis3c

Security Researcher | Bug Bounties | Tips & Tricks

No responses yet

Write a response

What are your thoughts?

Also publish to my profile

Recommended from Medium

$100-$200 worth 403 Bypass Techniques

In

InfoSec Write-ups

by

It4chis3c

$100-$200 worth 403 Bypass Techniques

Practical, Advanced and Real-world based Techniques to Bypass 403 Forbidden

Feb 22

Hacker’s laptop screen

Ibtissam Hammadi

How I Earned $9,750 in 48 Hours by Finding a Critical Security Flaw

The step-by-step story of how I uncovered a critical vulnerability, reported it and landed a $9,750 bounty — fast

Feb 24

Lists

Medium's Huge List of Publications Accepting Submissions

414 stories4634 saves

Extreme Recon Dorking (Part2)

In

Cyber Security Write-ups

by

AbhirupKonwar

Extreme Recon Dorking (Part2)

Photo by Dominik Sostmann on Unsplash

Feb 24

Autorize & IDOR: How a Simple Token Swap Exposed Sensitive Data

hackersatty

Autorize & IDOR: How a Simple Token Swap Exposed Sensitive Data

About Me

Feb 25

Bypassing HackerOne 2FA due to race condition.

Akash Hamal

Bypassing HackerOne 2FA due to race condition.

I hope you all are doing well :)

Feb 23

🚀How I Found an Open Redirect Vulnerability Easily (Worth $500!)

Abhijeet Kumawat

🚀How I Found an Open Redirect Vulnerability Easily (Worth $500!)

Hey everyone! 👋 I’m back with another exciting bug bounty write-up! This time, I’ll walk you through how I found an Open Redirect…

6d ago

See more recommendations

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams