|
|
|
|
|
|
by monsur
4414 days ago
|
|
|
Hang on. The first step of this exploit is that "The attacker logs into the victims account on a 2FA enabled web application". How does the attacker do this if the account has 2FA enabled in the first place? And if the attacker can already log into the victim's site, why are the other steps even necessary? |
|
|