How I Exploited Rate Limiting to Access Admin Features (Real Case Study)
Summary
Abhijeet Kumawat has shared a real-life case study on how he was able to access admin features due to weak rate-limiting by a SaaS company.
The company had a role-switching endpoint, but when he tried to switch to an admin role, he was blocked due to rate limiting.
Rate limiting is often keyed on the client's IP address, so he used a few simple tricks, such as a proxy rotation service, to spread the requests across many IPs.
By doing this, he was able to bypass the rate limit and switch his account to an admin account, giving him access to admin-only features.
He was able to report this vulnerability through the bug bounty program and received a bounty for his findings.
This case study highlights that rate limiting is an important security feature, but it needs to be implemented carefully to be effective.
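The two controls this summary touches on, as an added Python example that is not code from the original post or from the affected company: a sliding-window limiter keyed on client IP lets one account reach the endpoint once per source address, while keying it on the authenticated account keeps the total fixed no matter how many addresses the traffic arrives from; and the role switch itself is checked server-side, because a rate limit only slows repeated attempts and is not an access control. The limits, user ids and 203.0.113.0/24 addresses are constructed sample values.

```python
from collections import defaultdict, deque

MAX_ATTEMPTS = 5      # constructed policy: 5 role-switch attempts per window
WINDOW_SECONDS = 60


class SlidingWindowLimiter:
    """Sliding-window counter keyed on a caller-chosen string (IP or account id)."""

    def __init__(self, max_attempts=MAX_ATTEMPTS, window=WINDOW_SECONDS):
        self.max_attempts = max_attempts
        self.window = window
        self.hits = defaultdict(deque)  # key -> timestamps of recent attempts

    def allow(self, key, now):
        q = self.hits[key]
        while q and now - q[0] >= self.window:   # forget attempts outside the window
            q.popleft()
        if len(q) >= self.max_attempts:
            return False
        q.append(now)
        return True


def attempts_reaching_endpoint(key_by_account, n_ips=20, per_ip=5):
    """Constructed scenario: one account sends n_ips * per_ip requests spread
    over n_ips source addresses. Returns how many get past the limiter."""
    limiter = SlidingWindowLimiter()
    passed, now = 0, 0.0
    for i in range(n_ips):
        for _ in range(per_ip):
            key = "user-42" if key_by_account else f"203.0.113.{i}"
            passed += limiter.allow(key, now)
            now += 0.1                            # everything inside one 60 s window
    return passed


# Constructed role table; a real service reads this from its user store.
USER_ROLES = {"user-42": "member", "user-7": "admin"}


def authorize_role_switch(user_id, requested_role):
    """Server-side access check for the role-switching endpoint: decides whether
    the switch is permitted at all, independent of how often it is requested."""
    if requested_role == "admin":
        return USER_ROLES.get(user_id) == "admin"
    return user_id in USER_ROLES and requested_role == "member"


if __name__ == "__main__":
    print("ip-keyed:", attempts_reaching_endpoint(False))                # 100
    print("account-keyed:", attempts_reaching_endpoint(True))             # 5
    print("member -> admin:", authorize_role_switch("user-42", "admin"))  # False
```

With the IP-keyed limiter every one of the 100 requests reaches the endpoint, so whether the member account ends up with admin rights depends entirely on the authorization check; with the account-keyed limiter only the first five do, but the authorization check is still what actually prevents the switch.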