A 1-click account takeover vulnerability was identified in Twitter/X, allowing a remote attacker to gain full access to a user’s account after a single click interaction.
Impact:
Upon successful exploitation, the attacker can:
- Read and post tweets (including protected ones)
- Modify profile information and settings
- Follow/unfollow, mute, or block users
- Manage lists and collections
- Read, send, and delete DMs
- Bypass 2FA
Proof of Concept:
A demonstration video (POC) is available below this post.
WATCH POC VIDEO (http://23.95.191.218/ATO_TWITTER.mp4)
Contact:
Reach out via Telegram: @dox3er