
Coolwinks.com Account Takeover

Dipak Kumar Das
Hi everyone, so after a long time I am publishing one of my recent findings on Coolwinks (PS: they don't have a bug bounty program).
While placing an order I noticed that if your payment fails, an automated email is sent to your registered address. That email contains a link which, when clicked, logs you into your account automatically. So I checked the link to find out which parameter is responsible for the auto-login.


So the URL looks like this:

https://www.coolwinks.com/checkout?utm_source=automailer&utm_medium=mail&xmzfd=dmljdGltQGdtYWlsLmNvbQ==

You can see that the parameter xmzfd holds a Base64 value.


OK, let's decode the value of xmzfd:

Base64 decode of dmljdGltQGdtYWlsLmNvbQ== is victim@gmail.com

So simply encode any registered user's email in Base64, replace the value of xmzfd with the encoded value, and open the link in a browser. Boom, you are logged into that user's account.
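The root cause, as an added illustration that is not Coolwinks' code: a minimal model of the weak auto-login link (the xmzfd value is only the email in Base64, so decoding it is the whole "authentication") next to a hardened version that issues a random, expiring, single-use token stored server-side only as a hash. The function names, the in-memory store and the example.invalid host are assumptions.

```python
import base64
import hashlib
import secrets
import time
from typing import Dict, Optional, Tuple

# Constructed model of the weak design from the write-up: the "token" is the
# registered email in Base64, so a link can be forged for any known address.
def weak_autologin_link(email: str) -> str:
    token = base64.b64encode(email.encode()).decode()
    return f"https://example.invalid/checkout?xmzfd={token}"

def weak_autologin_redeem(token: str) -> str:
    # No secret, no expiry, no server-side record: decoding is the whole check.
    return base64.b64decode(token).decode()

# Hardened design (assumed names): an opaque random token, kept server-side
# only as a hash, bound to the account, time-limited and usable once.
TOKEN_TTL_SECONDS = 15 * 60
_pending: Dict[str, Tuple[str, float]] = {}  # sha256(token) -> (email, expires_at)

def issue_login_link(email: str, now: Optional[float] = None) -> str:
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, not derived from the email
    digest = hashlib.sha256(token.encode()).hexdigest()
    _pending[digest] = (email, now + TOKEN_TTL_SECONDS)  # a leaked store does not leak tokens
    return f"https://example.invalid/checkout?token={token}"

def redeem_login_token(token: str, now: Optional[float] = None) -> Optional[str]:
    """Return the email the token was issued for, or None if unknown, expired or already used."""
    now = time.time() if now is None else now
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = _pending.pop(digest, None)  # pop: the token is consumed on first use
    if entry is None:
        return None
    email, expires_at = entry
    if now > expires_at:
        return None
    return email
```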




So here is the video proof of concept:






Status: Fixed




Thanks for reading

1 comment

  1. any bounty
