all InfoSec news
How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw
March 13, 2023, 9:32 a.m. | Crisdeo Nuel Siahaan
InfoSec Write-ups - Medium infosecwriteups.com
Introduction
Deep linking has become a crucial aspect of modern mobile app development, allowing for seamless navigation within and between apps. However, this seemingly flawless feature of deep linking can become a point of exploitation due to misconfigurations in many Android apps.
In this article, I’m going to talk about deep linking and the bug I found that allowed me to steal another user’s access token. So, let’s just begin.
What the deeplink doin?
Have you ever clicked on a …
access access token android bug bounty deeplink exploiting flaw infosec leak token
More from infosecwriteups.com / InfoSec Write-ups - Medium
Email Verification Bypass via Remember Me
1 day, 4 hours ago |
infosecwriteups.com
Active DNS Recon using AXIOM
1 day, 4 hours ago |
infosecwriteups.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cyber Threat Analyst
@ Peraton | Morrisville, NC, United States
Kyndryl Offensive Security Professional - Threat-Led Penetration Testing (TLPT) and Red Teaming
@ Kyndryl | Sao Paulo (KBR51645) WeWork Office
Consultant en Cyber Sécurité - Spécialiste PKI H/F
@ Devoteam | Levallois-Perret, France
Cloud Security Architect - Advisor (Remote)
@ Fannie Mae | Reston, VA, United States
OT Cybersecurity Engineer
@ SBM Offshore | Bengaluru, IN, 560071