hacktricks/pentesting-web/phone-number-injections.md
2023-04-25 20:35:28 +02:00

3.8 KiB

Phone Number Injections

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥

It's possible to add strings at the end the phone number that could be used to exploit common injections (XSS, SQLi, SSRF...) or even to bypass protections:

OTP Bypass / Bruteforce would work like this:

References

☁️ HackTricks Cloud ☁️ -🐦 Twitter 🐦 - 🎙️ Twitch 🎙️ - 🎥 Youtube 🎥