@@AimlessFish ideally yes, banking organisations catering to strong compliance and frameworks like GDPR, NIST, etc. standards like 27001 as well so, it's difficult to do that but people have done it in the past, y'know? 😉
okay! so after the email is done, they are asking for mobile phone where iam getting this response: HTTP/2 200 OK Cache-Control: private, max-age=0 Content-Type: application/json; charset=utf-8 Server: IFServer X-Frame-Options: SAMEORIGIN X-Xss-Protection: 1; mode=block X-Content-Type-Options: nosniff Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE Date: Sun, 29 Dec 2024 15:12:16 GMT Content-Length: 8 {"d":""} here i have changed d value to 1,0,2 but none of them are working. CAN YOU PLZ CLARIFY THIS....
@@aryanr7490 ideally I'd suggest you try resubmitting the page again. You see, the "d":"" should have some value in it and definitely not come in as blank. Try performing the response Manipulation for this part again and as long as you get some value to manipulate, you should be good! It'll be better if you create some temporary email IDs and perform this whole activity again as a better learning exercise and error free hack. Stay tuned for more content in 2025! 😎 Happy learning and happy hacking!
If the signup service doesn't perform this check during sign-in, the developers might as well be flipping burgers instead.
This must only work on insecure platforms right? Surely world banking organisations have secured this?
@@wduandy haha I hope they're also the developers at 5 guys or burger kings... Then we would be flippin' some burgers off their carts 🤣
@@AimlessFish ideally yes, banking organisations catering to strong compliance and frameworks like GDPR, NIST, etc. standards like 27001 as well so, it's difficult to do that but people have done it in the past, y'know? 😉
okay! so after the email is done, they are asking for mobile phone where iam getting this response:
HTTP/2 200 OK
Cache-Control: private, max-age=0
Content-Type: application/json; charset=utf-8
Server: IFServer
X-Frame-Options: SAMEORIGIN
X-Xss-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: POST,GET,OPTIONS,PUT,DELETE
Date: Sun, 29 Dec 2024 15:12:16 GMT
Content-Length: 8
{"d":""}
here i have changed d value to 1,0,2 but none of them are working.
CAN YOU PLZ CLARIFY THIS....
@@aryanr7490 ideally I'd suggest you try resubmitting the page again. You see, the "d":"" should have some value in it and definitely not come in as blank. Try performing the response Manipulation for this part again and as long as you get some value to manipulate, you should be good!
It'll be better if you create some temporary email IDs and perform this whole activity again as a better learning exercise and error free hack.
Stay tuned for more content in 2025! 😎
Happy learning and happy hacking!