tbhm:04_authorization

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Revision comparison of tbhm:04_authorization: [2026/05/14 09:28] converted from markdown to dokuwiki syntax (drew) against [2026/05/14 09:59] (current) integrate zseano methodology (drew). The lines below are the section added in the newer revision.

  * Multiple sessions allowed
  * Easily reversible cookie (base64 most often)

===== Zseano Auth Testing =====

**Login testing:**
  * Host header injection in password reset: send ''Host: evil.com'' (and, when the app sits behind a proxy, ''X-Forwarded-Host: evil.com'') with the reset request, then check whether the emailed reset link points at evil.com. If it does, the victim's reset token is delivered to a host the attacker controls.
  * ''myemail%00@email.com'' -- null byte truncation: the full string passes email validation, but a component that stops reading at the NUL sees a different address, so the account can end up bound to a real address the attacker never proved control of.
  * Redirect parameter on login/reset: ''returnUrl'', ''goto'', ''return_url'', ''back''. Test for open redirect, including bypasses of naive "starts with /" checks such as ''//evil.com'' and ''/\evil.com''.
  * Mobile login vs desktop -- often different codebases, so repeat every check above against the mobile endpoints.
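The Host header, null byte and redirect parameter checks above, as an added example (not code from the wiki page or from zseano's material): a local Python model of how the reset link and the ''returnUrl'' validation go wrong, with the hardened form beside each. The origin ''https://app.example.com'', the header names, the sample payloads and all function names are assumptions made here for illustration; nothing in it contacts a live host.

```python
# Added example, not code from the wiki page or from zseano.
# Local model of the password-reset Host header bug and the login
# redirect parameter bug; every name and host below is hypothetical.
from urllib.parse import unquote, urlsplit

CANONICAL_ORIGIN = "https://app.example.com"   # assumed site origin
ALLOWED_HOST = "app.example.com"


def build_reset_link_vulnerable(headers: dict, token: str) -> str:
    """Builds the link the way proxy-aware code often does: trust
    X-Forwarded-Host, fall back to Host, never compare to a config value."""
    host = headers.get("X-Forwarded-Host") or headers.get("Host")
    return f"https://{host}/reset?token={token}"


def build_reset_link_hardened(headers: dict, token: str) -> str:
    """Fix: the request gets no say in where the link points."""
    return f"{CANONICAL_ORIGIN}/reset?token={token}"


def reset_link_leaks_to(link: str, attacker_host: str) -> bool:
    """True when the token in the emailed link would reach attacker_host."""
    return urlsplit(link).hostname == attacker_host.lower()


def is_safe_return_url_naive(url: str) -> bool:
    """Common broken check: 'starts with / so it is local'."""
    return url.startswith("/")


def is_safe_return_url(url: str) -> bool:
    """Strict check: a single-slash relative path, or https on the allowed host."""
    if any(ch in url for ch in "\\\x00\r\n"):
        return False
    parts = urlsplit(url)
    if parts.scheme == "" and parts.netloc == "":
        return url.startswith("/") and not url.startswith("//")
    return parts.scheme == "https" and parts.hostname == ALLOWED_HOST


def naive_check_bypasses(payloads) -> list:
    """Payloads the naive check accepts but the strict check rejects."""
    return [p for p in payloads if is_safe_return_url_naive(p) and not is_safe_return_url(p)]


def as_seen_by_c_string(value: str) -> str:
    """What a NUL-terminated consumer sees after URL decoding (the %00 trick)."""
    return unquote(value).split("\x00", 1)[0]


# Constructed sample inputs (not captured from any real target).
REDIRECT_PAYLOADS = [
    "//evil.com",                             # protocol-relative
    "/\\evil.com",                            # browsers rewrite \ to /
    "https://evil.com\\@app.example.com",     # backslash before credentials
    "https://app.example.com@evil.com/",      # userinfo trick
    "https://app.example.com.evil.com/",      # suffix confusion
    "javascript:alert(1)",
]

if __name__ == "__main__":
    hdrs = {"Host": "app.example.com", "X-Forwarded-Host": "evil.com"}
    print(build_reset_link_vulnerable(hdrs, "t0k3n"))
    print(build_reset_link_hardened(hdrs, "t0k3n"))
    print(naive_check_bypasses(REDIRECT_PAYLOADS))
    print(repr(as_seen_by_c_string("myemail%00@email.com")))
```

When testing a real target, the equivalent of ''build_reset_link_vulnerable'' is the server; what you control is the header, and what you inspect is the link in the mail you receive. The redirect payload list is the part worth reusing as-is against every ''returnUrl''-style parameter.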

**Session bugs:**
  * Old cookies not invalidated on logout -- replay the pre-logout session cookie; if it still authenticates, logout only cleared the client side.
  * Base64-encoded cookies -- decode them; readable user data means the session state is visible to the client and, if the cookie is unsigned, writable too.
  * No new session cookie on privilege change (login, role change) -- a fixated or leaked low-privilege session id keeps working at the higher level.
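The three session bugs above, as an added example (not code from the wiki page or from zseano's material): a small in-memory session store in Python with the vulnerable behaviour and the fix side by side, plus the decode step an attacker runs first on a base64 cookie. Class and function names are assumptions made here, and the sample cookies are constructed, not captured.

```python
# Added example, not code from the wiki page or from zseano.
# In-memory model of the three session bugs; all names are hypothetical.
import base64
import binascii
import json
import secrets


def decode_readable_cookie(value: str):
    """Return the JSON inside a base64-wrapped cookie, or None if it is opaque.
    First thing to try on any cookie that merely looks random."""
    padded = value + "=" * (-len(value) % 4)
    for decoder in (base64.b64decode, base64.urlsafe_b64decode):
        try:
            return json.loads(decoder(padded).decode("utf-8"))
        except (binascii.Error, ValueError):
            continue
    return None


def forge_cookie(claims: dict) -> str:
    """If the cookie is readable and unsigned, the client can also rewrite it."""
    return base64.b64encode(json.dumps(claims).encode()).decode()


class VulnerableSessions:
    """One session id for the whole lifetime; logout is client-side only."""

    def __init__(self):
        self.store = {}

    def login(self, user: str) -> str:
        sid = secrets.token_urlsafe(16)
        self.store[sid] = {"user": user, "admin": False}
        return sid

    def promote(self, sid: str) -> str:
        self.store[sid]["admin"] = True
        return sid                  # id survives the privilege change

    def logout(self, sid: str) -> None:
        return None                 # client drops the cookie, server keeps the session

    def whoami(self, sid: str):
        return self.store.get(sid)


class HardenedSessions(VulnerableSessions):
    """Rotate the id on privilege change, invalidate server-side on logout."""

    def promote(self, sid: str) -> str:
        data = self.store.pop(sid)  # old id stops working ...
        data["admin"] = True
        new_sid = secrets.token_urlsafe(16)
        self.store[new_sid] = data  # ... and a fresh one is issued
        return new_sid

    def logout(self, sid: str) -> None:
        self.store.pop(sid, None)


def old_cookie_works_after_logout(sessions) -> bool:
    """Replay test: True means the bug is present."""
    sid = sessions.login("alice")
    sessions.logout(sid)
    return sessions.whoami(sid) is not None


def id_rotated_on_privilege_change(sessions) -> bool:
    """True when promotion issues a new id and kills the old one."""
    sid = sessions.login("alice")
    new_sid = sessions.promote(sid)
    return new_sid != sid and sessions.whoami(sid) is None


# Constructed sample cookies (not captured from a real application).
READABLE_COOKIE = base64.b64encode(b'{"user":"alice","admin":false}').decode()
OPAQUE_COOKIE = base64.b64encode(bytes(range(240, 256))).decode()  # never valid UTF-8

if __name__ == "__main__":
    print(decode_readable_cookie(READABLE_COOKIE))
    print(decode_readable_cookie(OPAQUE_COOKIE))
    print(old_cookie_works_after_logout(VulnerableSessions()),
          old_cookie_works_after_logout(HardenedSessions()))
```

The two check functions are the manual test procedure written down: log in, capture the cookie, log out (or get promoted), and replay the captured value. A readable cookie that decodes to claims is only an information leak on its own; it becomes a privilege escalation when ''forge_cookie'' output is accepted, which is why the decode step should be followed by a tamper attempt.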

**Account takeover chains:**
  * XSS + no email change confirmation = ATO: the injected script changes the victim's email to the attacker's, and a normal password reset finishes the takeover.
  * CSRF + email change = ATO: same outcome without XSS when the email change request has no CSRF token and requires no re-authentication.
  * Open redirect in OAuth = token theft = ATO: an open redirect on the allow-listed ''redirect_uri'' host forwards the authorization code or token to the attacker.

  * [[zseano:auth_session|Full Zseano Auth Guide]]
  * [[zseano:escalation|Bug Chaining & Escalation]]