Authentication Bypasses

Authentication bypasses happen in many ways, but they usually take advantage of some flaw in the configuration or logic, with the attacker tampering with a request to achieve the right conditions.

Hidden inputs

The simplest form is a reliance on a hidden input in the web page/DOM.

Removing Parameters

Sometimes, if an attacker doesn’t know the correct value of a parameter, they may remove it from the submission altogether to see what happens.

Forced Browsing

If an area of a site is not appropriately protected by configuration, that area of the site may be accessed by guessing/brute-forcing.

2FA Password Reset

An excellent example of authentication bypass is a recent (2016) case (https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass). The author could not receive an SMS with a code, so he opted for an alternative method, which involved security questions. Using a proxy, he removed the parameters entirely and won.
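
The server-side flaw behind "Removing Parameters" and the security-question case above, shown as an added example (not code from the linked write-up or from any real site): a check that only validates the fields it receives, next to one that fails closed. The field names secQuestion0/secQuestion1, the stored answers and the sample requests are constructed for illustration.

```python
import hmac

# Constructed sample data: hypothetical field names and answers for one account.
STORED_ANSWERS = {"secQuestion0": "rex", "secQuestion1": "lisbon"}


def verify_vulnerable(submitted):
    """Flawed check: only validates the answer fields that were submitted."""
    for name, value in submitted.items():
        if name in STORED_ANSWERS and value != STORED_ANSWERS[name]:
            return False
    # No wrong answer was seen, so a request with fields removed passes.
    return True


def verify_hardened(submitted):
    """Fail closed: every expected answer must be present and correct."""
    ok = True
    for name, expected in STORED_ANSWERS.items():
        value = submitted.get(name)
        if not isinstance(value, str):
            ok = False  # a missing or non-string field counts as wrong
            continue
        # Constant-time comparison of the submitted and stored answer.
        if not hmac.compare_digest(value.encode(), expected.encode()):
            ok = False
    return ok


def missing_fields(submitted):
    """Expected fields absent from the request; worth logging as tampering."""
    return sorted(set(STORED_ANSWERS) - set(submitted))


# Constructed requests, as the server would see them after form parsing.
SAMPLE_REQUESTS = [
    {"secQuestion0": "rex", "secQuestion1": "lisbon"},  # both answers correct
    {"secQuestion0": "rex", "secQuestion1": "wrong"},   # one answer wrong
    {"secQuestion0": "rex"},                            # one field removed
    {},                                                 # both fields removed
]


def compare(requests):
    return [(verify_vulnerable(r), verify_hardened(r)) for r in requests]


if __name__ == "__main__":
    for req, result in zip(SAMPLE_REQUESTS, compare(SAMPLE_REQUESTS)):
        print(req, "vulnerable/hardened:", result, "missing:", missing_fields(req))
```

The last two requests pass the flawed check and are rejected by the hardened one; a non-empty missing_fields result on a verification endpoint is also a useful signal to log and alert on.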
