Skip to content

Latest commit

 

History

History
45 lines (28 loc) · 3 KB

phone-number-injections.md

File metadata and controls

45 lines (28 loc) · 3 KB

Phone Number Injections

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}

It's possible to add strings at the end the phone number that could be used to exploit common injections (XSS, SQLi, SSRF...) or even to bypass protections:

https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0

https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0

OTP Bypass / Bruteforce would work like this:

https://www.youtube.com/watch?app=desktop\&v=4ZsTKvfP1g0

References

{% hint style="success" %} Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks
{% endhint %}