Re-dressing Instagram - Leaking Application Tokens via Instagram ClickJacking Vulnerability!

(Photo Illustration by Thomas Trutschel/Photothek via Getty Images) Hi Guys, I hope all of you are doing great and in a well state. Today i will show you a ClickJacking bug i found in Instagram that allowed me to iframe ajax responses and leads attackers to steal your instagram connected applications tokens hence hijack your […]

Let's steal some tokens!

Hey There, How you doing? Good? Cool! In this blog post I will be talking about my experience with minor bugs chained together to steal sensitive tokens. #1. Stealing CSRF tokens through Google Analytics. While randomly testing things on, I landed at some random app page and hit the Write a review button, I […]

Previous page Next page

Scroll Up