# Week 53 - Pre-Account Takeover

You've probably heard of Account Takeover vulnerabilities, but have you heard of Pre-Account Takeover (OAuth)?

This can occur whenever an application does not verify a user’s email upon registration and implements a third-party social login (Sign in with Google, Facebook, etc). The attack path looks like:

- A threat actor registers an account with the email address victim@victim[.]com.

- Some time later, the victim signs up, but does so through a third-party social login (also using victim@victim[.]com).

- When the victim successfully creates their account, the application links their new account to the threat actor's old account, since both use the same email address.

- The threat actor can then log in to the victim's account with the password they set in step 1 and achieve account takeover.

Successfully executed, this attack allows for the takeover of a target victim's account. This finding can be remediated by properly implementing email verification, and by checking whether an account with that email address already exists before allowing a new sign-up through a social login to link to it.
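The following is an added example (not code from the original post) that models the attack path above and the remediation in a small in-memory account store. `VulnerableAccounts` registers without verifying email and links any later social login to whichever account already holds that address; `HardenedAccounts` requires a verification token before a local account is usable and refuses to link a social identity to an unverified pre-registered account. Class and function names, the `victim@victim.example` address and the `google-sub-12345` provider subject are all constructed for the demo.

```python
import hashlib
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Set


def hash_password(password: str) -> str:
    """Salted PBKDF2 hash stored as 'salt$hex' (demo helper, not a full auth library)."""
    salt = secrets.token_hex(8)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 100_000)
    return f"{salt}${digest.hex()}"


def check_password(password: str, stored: str) -> bool:
    salt, digest = stored.split("$", 1)
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 100_000)
    return secrets.compare_digest(candidate.hex(), digest)


@dataclass
class User:
    email: str
    password_hash: Optional[str] = None   # None if the account never set a local password
    email_verified: bool = False
    social_ids: Set[str] = field(default_factory=set)


class LinkRefused(Exception):
    """Raised when a social login must not be attached to an existing local account."""


class VulnerableAccounts:
    """Registers without email verification and links later social logins purely by email."""

    def __init__(self) -> None:
        self.users: Dict[str, User] = {}

    def register(self, email: str, password: str) -> None:
        if email in self.users:
            raise ValueError("email already registered")
        # Bug: the account is usable immediately; nobody proved they own this mailbox.
        self.users[email] = User(email, hash_password(password))

    def social_login(self, email: str, provider_sub: str) -> User:
        user = self.users.get(email)
        if user is None:
            user = User(email, email_verified=True)   # the provider vouched for the address
            self.users[email] = user
        # Bug: links the provider identity to whoever registered this email first.
        user.social_ids.add(provider_sub)
        return user

    def password_login(self, email: str, password: str) -> bool:
        user = self.users.get(email)
        return (user is not None and user.password_hash is not None
                and check_password(password, user.password_hash))


class HardenedAccounts(VulnerableAccounts):
    """Same store, but mailbox ownership must be proven before an account is usable or linkable."""

    def __init__(self) -> None:
        super().__init__()
        self.pending: Dict[str, str] = {}   # email -> verification token (would be emailed)

    def register(self, email: str, password: str) -> str:
        if email in self.users:
            raise ValueError("email already registered")
        self.users[email] = User(email, hash_password(password), email_verified=False)
        token = secrets.token_urlsafe(16)
        self.pending[email] = token
        return token   # demo only: a real application sends this to the mailbox

    def verify_email(self, email: str, token: str) -> bool:
        expected = self.pending.get(email)
        if expected is None or not secrets.compare_digest(expected, token):
            return False
        self.users[email].email_verified = True
        del self.pending[email]
        return True

    def social_login(self, email: str, provider_sub: str) -> User:
        user = self.users.get(email)
        if user is not None and not user.email_verified:
            # An unverified local account already claims this address: never merge.
            # The real mailbox owner can reclaim it through a verified recovery flow.
            raise LinkRefused(f"{email} is registered but unverified; refusing to link")
        return super().social_login(email, provider_sub)

    def password_login(self, email: str, password: str) -> bool:
        user = self.users.get(email)
        if user is None or not user.email_verified:
            return False   # an unverified pre-registration cannot be used to log in
        return super().password_login(email, password)


def run_scenario(store: VulnerableAccounts) -> Dict[str, bool]:
    """Attacker pre-registers the victim's email; the victim later arrives via social login."""
    victim = "victim@victim.example"                # constructed sample address
    store.register(victim, "attacker-chosen-pw")
    try:
        store.social_login(victim, "google-sub-12345")   # constructed provider subject id
        linked = True
    except LinkRefused:
        linked = False
    return {"linked": linked,
            "attacker_can_login": store.password_login(victim, "attacker-chosen-pw")}


if __name__ == "__main__":
    print("vulnerable:", run_scenario(VulnerableAccounts()))
    print("hardened:  ", run_scenario(HardenedAccounts()))
```

Two checks do the work: a social login may only attach to a local account whose email has been verified, and a password login is refused until verification completes. Either one on its own breaks the chain, so a reviewer looking at an OAuth linking flow should confirm both the linking path and the local-login path consult the verified flag.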

As a hacker, you should spend some time on engagements attempting to bypass this verification as it can lead to a nice finding!

![](/files/dPIBbA3nzHIES2syM6oi)

