FirstBlood-#50 — Account takeover via re-register with the same username
This issue was discovered on FirstBlood v1
On 2021-05-09, parisk Level 4 reported:
Getting started
Learn about vulnerability types 
Getting started in bug bounties 
Test your knowledge
Free Web Application Challenges
Guides for your hunts 
ZSeano's Methodology
Effective Note Taking for bug bounties
Useful Resources 
Disclosed HackerOne Reports 
Our community
Endorsed Members
Hackevents 
Member Articles
hi
i found an account takeover via re-register with the same username on your flatform
- step to reproduce
-
create an account with the invite code: F16CA47250E445888824A9E63AE445CE. after that save your username and password. then login to account to check that it worked
-
re-register with the same username in the step 1 and the invite code. then save username and password again. you can see that the account in the step 1 didn't work anymore and the account in this step working
*impact
if by someways, attacker can obtain victim username, then he can take over victim account forever
-
the invite code is in the internet so it do not hard to leak
-
remediation
-do not allow re-register if the username existed on the system
P2 High
Endpoint: register.php
Parameter: none
Payload: none
FirstBlood ID: 17
Vulnerability Type: Auth issues
Unintended: An account with the same username can be created which leads to the original account being deleted and replaced with the attackers
Report Feedback
Creator & Administrator
Nice find, I actually did add some code to prevent this but it seems it didn't work correctly , so i've added it as an unintended and i'm awarding you a bounty :)