Massive account creation chained with Session fixation in traduora.
Proof of Concept
- Set up traduora to reproduce the vulnerability
- Go to the create-account page http://localhost:8080/signup
- Enter a Name, Email Address and Password and capture the request with Burp Suite
- Send the request to Intruder, configure the necessary options and run the attack
For testing I used battering ram mode and created admin1 to admin50 with emails firstname.lastname@example.org to email@example.com.
Traduora is also vulnerable to a session fixation issue: once the attacker has registered the accounts and the victim later opens his account with a new password, the attacker's session does not expire.
An attacker is able to create multiple accounts with a single request, annoying legitimate users who are told that a user with this email already exists, and is able to maintain access through old sessions even after the victim updates the security of the account.
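As an added illustration (not traduora's code; every name and the in-memory stores are assumed), the session-handling weakness described above next to the fix: each session is bound to a credential version, and a password change increments that version so sessions issued before the change stop resolving.

```typescript
// Added example, not traduora's code: sessions record the credential version
// they were issued under; a password change bumps it, revoking older sessions.
import { randomBytes, scryptSync, timingSafeEqual } from "crypto";

interface User { id: string; passwordHash: string; credentialVersion: number; }
interface Session { userId: string; credentialVersion: number; }
const users = new Map<string, User>();       // assumed in-memory stores
const sessions = new Map<string, Session>(); // token -> session

function hashPassword(pw: string, salt = randomBytes(16).toString("hex")): string {
  return `${salt}:${scryptSync(pw, salt, 32).toString("hex")}`;
}
function verifyPassword(pw: string, stored: string): boolean {
  const [salt, hash] = stored.split(":");
  return timingSafeEqual(scryptSync(pw, salt, 32), Buffer.from(hash, "hex"));
}
function registerUser(id: string, pw: string): void {
  users.set(id, { id, passwordHash: hashPassword(pw), credentialVersion: 1 });
}
// Issue a random token bound to the user's current credential version.
function login(id: string, pw: string): string | null {
  const u = users.get(id);
  if (!u || !verifyPassword(pw, u.passwordHash)) return null;
  const token = randomBytes(32).toString("hex");
  sessions.set(token, { userId: id, credentialVersion: u.credentialVersion });
  return token;
}
// Rotating the password increments the version, which implicitly revokes
// every session issued before the change.
function changePassword(id: string, newPw: string): boolean {
  const u = users.get(id);
  if (!u) return false;
  u.passwordHash = hashPassword(newPw);
  u.credentialVersion += 1;
  return true;
}
// bindToCredentials=false reproduces the reported behaviour: a stored session
// stays valid regardless of later password changes. The default rejects (and
// deletes) sessions whose version no longer matches the account.
function resolveSession(token: string, bindToCredentials = true): User | null {
  const s = sessions.get(token);
  const u = s ? users.get(s.userId) : undefined;
  if (!s || !u) return null;
  if (bindToCredentials && s.credentialVersion !== u.credentialVersion) {
    sessions.delete(token);
    return null;
  }
  return u;
}
```

In a real deployment the version lives in the user record and the check runs on every authenticated request, so a password reset by the victim revokes whatever session the account's registrant still holds.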