Broken Link: My Story of Hijacking a Twitter Handle
Today, I was scrolling through Medium posts about bug bounty and came across a post by Om Arora. He is a cyber enthusiast and bounty hunter.
The following is the post I read:
In short, it is about how he managed to find directory listings, then a broken link hijacking vulnerability, and one more.
I liked the way he explained it. Inspired by this, I thought I should at least follow him on X, so I clicked on his X (formerly Twitter) link.
After I clicked, it displayed that the account @om83418440 doesn't exist. I thought, wow 😳, maybe I should try to use the knowledge given by this fellow hunter to hijack his former X account.
The result is that I am able to register an account under that username.
The impact of this vulnerability in this case is that I can use his former account as a pretext to scam his readers, because he has 2.4k followers on Medium. If he mentions his X account in every post, then readers who want to follow him will be redirected to a hijacked account.
Long story short, in the case of a company the issue becomes impersonation of its X handle.
So, readers, you should notify him, and I will do so as well.
Om Arora, if you are reading this, you should remove the X links that belong to this X account, @om83418440, from your Medium posts.
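The cleanup suggested above can be automated for your own posts. The following is an added example, not code from the original post: it scans HTML for twitter.com / x.com profile links and flags any handle that is missing from an inventory of handles you still control. The sample pages, the handle names, and the `RESERVED` path list are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

SOCIAL_HOSTS = {"twitter.com", "www.twitter.com", "mobile.twitter.com", "x.com", "www.x.com"}
# First path segments that are site features rather than profile handles (assumed list).
RESERVED = {"home", "share", "intent", "search", "hashtag", "i", "explore", "settings"}

class _LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in a document."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.extend(v for k, v in attrs if k == "href" and v)

def profile_handle(url):
    """Return the lower-cased handle a twitter.com/x.com URL points to, else None."""
    parts = urlparse(url)
    segments = [s for s in parts.path.split("/") if s]
    if (parts.hostname or "").lower() not in SOCIAL_HOSTS or not segments:
        return None
    handle = segments[0].lstrip("@").lower()
    return handle if handle and handle not in RESERVED else None

def stale_profile_links(pages, controlled_handles):
    """pages: {name: html}. Return sorted (page, url, handle) for handles not in the inventory."""
    controlled = {h.lstrip("@").lower() for h in controlled_handles}
    findings = []
    for name, html in pages.items():
        collector = _LinkCollector()
        collector.feed(html)
        for href in collector.hrefs:
            handle = profile_handle(href)
            if handle and handle not in controlled:
                findings.append((name, href, handle))
    return sorted(findings)

# Constructed sample posts and inventory (not real data).
SAMPLE_PAGES = {
    "post-1.html": '<p>Follow me: <a href="https://twitter.com/old_handle_example">X</a></p>',
    "post-2.html": '<a href="https://x.com/Current_Handle_Example/status/1">t</a> <a href="https://x.com/intent/tweet?text=hi">s</a>',
}
CONTROLLED = ["@current_handle_example"]

if __name__ == "__main__":
    for page, url, handle in stale_profile_links(SAMPLE_PAGES, CONTROLLED):
        print(f"{page}: {url} -> @{handle} is not in the controlled-handle inventory")
```

Any link it reports should either be removed from the post or updated to a handle that is still under your control.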
Thank you for reading.