# 1 Click Account Take Over

* This is a write-up of a very interesting bug bounty case from our team. It is a business logic issue that could lead to an account takeover with just one click. It's quite exciting to contribute to [HackTricks](https://book.hacktricks.xyz/pentesting-web/account-takeover) with this finding.

<figure><img src="https://2201636059-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSfoQhbocJNOvMrmTVxh9%2Fuploads%2Fd4lit3zMtN7Pt6xSQ7NQ%2Fimage.png?alt=media&#x26;token=49e982b7-f04c-49e7-8201-cbcfb36eb9fc" alt=""><figcaption></figcaption></figure>

### TIP:

* The attacker requests to change his email to a new one
* The attacker receives a link to confirm the change of email
* The attacker sends the victim the link so he clicks it
* The victim's email is changed to the one indicated by the attacker
* The attacker can recover the password and take over the account
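
One way to close the flow listed above, as an added example that is not code from the original write-up. The page does not show the server side, so the flawed handler assumes the confirmation link is applied to whichever session opens it; all names (`request_email_change`, `confirm_vulnerable`, `confirm_hardened`, the in-memory `USERS` and `PENDING` stores) and sample addresses are hypothetical.

```python
import secrets
import time

# Constructed in-memory state standing in for the application's user store.
USERS = {"attacker": "attacker@old.example", "victim": "victim@corp.example"}
PENDING = {}  # token -> (requesting account, new email, expiry timestamp)


def request_email_change(account, new_email, ttl=900):
    """Issue a single-use token that records which account asked for the change."""
    token = secrets.token_urlsafe(32)
    PENDING[token] = (account, new_email, time.time() + ttl)
    return token


def confirm_vulnerable(session_account, token):
    """Flawed (assumed root cause): the change lands on whichever account opens the link."""
    entry = PENDING.pop(token, None)
    if entry is None:
        return False
    _owner, new_email, _expiry = entry
    USERS[session_account] = new_email
    return True


def confirm_hardened(session_account, token):
    """Apply the change only to the account that requested it."""
    entry = PENDING.pop(token, None)  # single use, even when rejected
    if entry is None:
        return False
    owner, new_email, expiry = entry
    if time.time() > expiry or owner != session_account:
        return False  # expired, or opened from a different account's session
    USERS[owner] = new_email
    return True


def demo():
    """Replay the steps from the list above against both handlers."""
    results = {}
    for name, confirm in (("vulnerable", confirm_vulnerable), ("hardened", confirm_hardened)):
        USERS["victim"] = "victim@corp.example"  # reset constructed state
        token = request_email_change("attacker", "attacker@new.example")
        confirm("victim", token)  # the victim opens the link while logged in
        results[name] = USERS["victim"]
    return results


if __name__ == "__main__":
    print(demo())
```

Requiring the current password when the change is requested, and notifying the old address, are common additional controls on top of binding the token to its account.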

> **You can also read the full blog post here:**

{% embed url="<https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea>" %}

Thanks for reading, have a nice day :heartbeat:

