Bug Bounty

Rate-limit bypass in SoundCloud recovery

SoundCloud is a robust online audio platform where users distribute and discover new music. With more than 175 million unique monthly users discovering those songs, it is also an attractive place for malicious ‘users’ to spread their malware.

The issue:
The password-recovery endpoint did not limit how many reset mails could be requested for one account. By flooding it with requests, an attacker fills the victim's mailbox with reset mails, and that harms the company's reputation: users will complain that they are being ‘hacked’ or that the site is no longer trustworthy.

I used my own Gmail address as a proof of concept for the reset flood, as you can see in the following video:

Possible scenario:
An attacker uses this issue to send 10-20 SoundCloud password-reset mails to each of 10,000+ accounts. That is around 100,000 mails from SoundCloud which would never have been sent if the endpoint were rate-limited. Recipients who do not want them will mark them as spam, which hurts the deliverability of SoundCloud's legitimate mail.
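What the fix for the issue above and for this scenario looks like in code, as an added example that is not SoundCloud's code: a reset handler with two sliding-window counters, one keyed by target account (caps how many reset mails a victim's inbox can receive) and one keyed by requesting IP (caps how many accounts one attacker can spray). The limits, window sizes, addresses and class names are assumptions chosen for illustration; the mail gateway is replaced by an in-memory outbox so the block runs offline.

```python
from collections import defaultdict, deque

# Assumed limits for illustration; a real deployment tunes these.
PER_ACCOUNT_LIMIT = 3        # reset mails per account per window
PER_ACCOUNT_WINDOW = 3600    # seconds
PER_SOURCE_LIMIT = 20        # reset requests per source IP per window
PER_SOURCE_WINDOW = 3600     # seconds

GENERIC_REPLY = "If that account exists, a recovery mail has been sent."


class FakeClock:
    """Controllable clock so the simulation is deterministic."""
    def __init__(self, start=1_000_000.0):
        self.now = start

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


class ResetRateLimiter:
    """Sliding-window counters keyed by target account and by source IP."""
    def __init__(self, clock):
        self.clock = clock
        self.by_account = defaultdict(deque)
        self.by_source = defaultdict(deque)

    @staticmethod
    def _allow(log, limit, window, now):
        # Drop timestamps that fell out of the window, then count the rest.
        while log and now - log[0] >= window:
            log.popleft()
        if len(log) >= limit:
            return False
        log.append(now)
        return True

    def allow(self, account, source_ip):
        now = self.clock()
        # Source check first: a spraying IP burns its own quota, not the
        # quota of every account it names.
        if not self._allow(self.by_source[source_ip], PER_SOURCE_LIMIT, PER_SOURCE_WINDOW, now):
            return False
        return self._allow(self.by_account[account], PER_ACCOUNT_LIMIT, PER_ACCOUNT_WINDOW, now)


class ResetService:
    """Models a recovery endpoint; `outbox` stands in for the mail gateway."""
    def __init__(self, clock=None):
        self.clock = clock or FakeClock()
        self.limiter = ResetRateLimiter(self.clock)
        self.outbox = []   # (account, source_ip) for every mail "sent"
        self.dropped = 0   # requests swallowed by the limiter

    def request_reset(self, account, source_ip):
        # The reply never reveals whether the account exists or whether the
        # limiter fired, so the endpoint leaks nothing to an enumerator.
        if self.limiter.allow(account, source_ip):
            self.outbox.append((account, source_ip))
        else:
            self.dropped += 1
        return GENERIC_REPLY


def flood_one_victim(n=20, victim="victim@example.com", attacker_ip="198.51.100.7"):
    """The reported issue: n reset requests for one mailbox from one IP."""
    svc = ResetService()
    for _ in range(n):
        svc.request_reset(victim, attacker_ip)
    return len(svc.outbox), svc.dropped


def spray_many_accounts(n_accounts=100, attacker_ip="198.51.100.7"):
    """The scenario above: one attacker naming many accounts."""
    svc = ResetService()
    for i in range(n_accounts):
        svc.request_reset(f"user{i}@example.com", attacker_ip)
    return len(svc.outbox)


def victim_recovers_after_window(attacker_ip="198.51.100.7", victim_ip="203.0.113.5"):
    """Trade-off: a flooded account is throttled for the victim too, until the
    window expires. Returns (mails during flood, victim mail inside window,
    victim mail after window)."""
    svc = ResetService()
    victim = "victim@example.com"
    for _ in range(10):
        svc.request_reset(victim, attacker_ip)
    during = len(svc.outbox)
    svc.request_reset(victim, victim_ip)
    in_window = len(svc.outbox) - during
    svc.clock.advance(PER_ACCOUNT_WINDOW)
    svc.request_reset(victim, victim_ip)
    after = len(svc.outbox) - during - in_window
    return during, in_window, after
```

With these assumed limits, 20 requests against one mailbox produce 3 mails instead of 20, and one IP spraying 100 accounts produces 20 mails instead of 100. The per-account cap also throttles the legitimate owner while a flood is in progress; that is acceptable because the mails already delivered carry a usable reset link and the reply text is identical either way, so the limiter does not become an account-existence oracle.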

The vulnerability has been patched by SoundCloud.

Extra info:
*The attacker needs to know the target's username or e-mail address.
