Bug Report - [HIGH] No Rate Limit / Rate Limit Bypass on Reset Password Option Vulnerability
I have found a technique that can easily bypass the rate limit system of websites. With this bug we can easily attack the verification PIN option, send an unlimited number of huge notifications to victims, bypass OTP codes, take over accounts, etc.
Basically, I added a header X-Forwarded-For: 22.214.171.124, which bypasses the rate limit and resets the request limits.
Every time the rate limit is exceeded, just change the IP to another one and the rate limit will reset itself.
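The mechanism behind this report, as an added example that is not part of the report and not the target site's code: a per-client rate limiter that keys on the client IP. The naive key function trusts X-Forwarded-For from anyone, so each spoofed header value gets a fresh counter, which is exactly what resets the limit. The hardened key function only honours the header when the TCP peer is one of our own proxies (the 10.0.0.0/8 range is an assumed placeholder for the site's load balancers) and walks the chain from the right so that values a client prepended are ignored. The peer and header addresses in the simulation are constructed documentation addresses, and the limits are arbitrary.

```python
"""
Added example, not from the report: rate limiting keyed on a client IP that is
derived either naively (vulnerable) or only from trusted proxies (hardened).
"""
import ipaddress
from collections import defaultdict, deque

# Assumed: the address range our own reverse proxies / load balancers use.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]


def client_ip_naive(peer_ip: str, headers: dict) -> str:
    """Vulnerable: believes whatever X-Forwarded-For the request carries.

    A client connecting directly can set the header to any value and thereby
    choose its own rate-limit bucket on every request.
    """
    xff = headers.get("X-Forwarded-For")
    return xff.split(",")[0].strip() if xff else peer_ip


def client_ip_hardened(peer_ip: str, headers: dict) -> str:
    """Hardened: honour X-Forwarded-For only across hops we actually trust.

    The chain is (header values) + [TCP peer]. Walking from the right, every
    address that belongs to a trusted proxy is skipped; the first address that
    is not one of our proxies is the real client. Anything further left was
    supplied by untrusted parties and is ignored.
    """
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",") if h.strip()]
    chain = hops + [peer_ip]
    for addr in reversed(chain):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            # Malformed entry: do not guess, fall back to the TCP peer.
            return peer_ip
        if not any(ip in net for net in TRUSTED_PROXIES):
            return str(ip)
    return peer_ip  # every hop was one of our proxies; key on the peer


class RateLimiter:
    """Sliding-window limiter: at most `limit` hits per `window` seconds per key."""

    def __init__(self, limit: int, window: float, key_func):
        self.limit = limit
        self.window = window
        self.key_func = key_func
        self.hits = defaultdict(deque)

    def allow(self, peer_ip: str, headers: dict, now: float) -> bool:
        key = self.key_func(peer_ip, headers)
        q = self.hits[key]
        while q and q[0] <= now - self.window:
            q.popleft()  # drop hits that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


def simulate_spoofed_requests(limiter: RateLimiter, attempts: int) -> int:
    """Attacker connects directly (no trusted proxy in front) and sends a fresh
    X-Forwarded-For value on every request. Returns how many got through."""
    allowed = 0
    for i in range(attempts):
        # Constructed spoofed header values: a different address each time.
        headers = {"X-Forwarded-For": f"198.51.100.{i % 250 + 1}"}
        if limiter.allow("203.0.113.7", headers, now=i * 0.01):
            allowed += 1
    return allowed


if __name__ == "__main__":
    naive = RateLimiter(limit=5, window=60, key_func=client_ip_naive)
    hard = RateLimiter(limit=5, window=60, key_func=client_ip_hardened)
    print("naive limiter let through:", simulate_spoofed_requests(naive, 50))
    print("hardened limiter let through:", simulate_spoofed_requests(hard, 50))
```

With a limit of 5 per minute, the naive limiter lets all 50 spoofed requests through while the hardened one stops after 5, because the attacker's TCP peer is not a trusted proxy and so its header is never consulted. The same hardened function still resolves the real client correctly when a trusted proxy is in front: for peer 10.0.0.5 and header `198.51.100.1, 203.0.113.7` it returns 203.0.113.7, the address the proxy appended, not the value the client prepended.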
Steps to Reproduce:
Testing domain: https://alohaprofile.com/profile/reset-password
1. Go to the Login option and log in to your account.
2. Now go to the Reset Password option, click on Reset Password, and intercept the request with Burp.
3. Now go to the Positions tab and type X-Forwarded-For: 126.96.36.199 under the Host header, then mark it with $$ signs.
Then go to the Payloads tab and select the Numbers payload type.
Now type 0,124,1 and then start the attack.
4. You will see that you are able to submit 500 Reset Password links.
5. Now continue sending requests. If the rate limit is reached and you are blocked, add the header X-Forwarded-For: 188.8.131.52. This will easily reset the rate limit. You can change the IP address to 184.108.40.206,2,3,4,5,6 every time the website blocks you.
(With this bypass you can easily send an unlimited number of huge email notifications to the victim and annoy them.)
Brute-forcing the verification panel.
Trouble for the users of the website, because huge email bombing can be done by attackers within seconds.
Brute-forcing OTP codes, etc.
I hope you will fix this soon.
Kindly let me know if I can get any reward for this bug.
If you need anything then please let me know.
I'm waiting for your reply.