Home / os / winmobile

foilChat Sign Up Email PIN Confirmation Bypass

Posted on 31 May 2018

The foilChat backend fails to prevent brute force attempts of the PIN code. An attacker can attempt all 10000 different PIN codes until the correct one is found, and then use the correct PIN to complete the registration.

 

TOP