Hello everyone! I am really happy to announce that I got my first valid bug from a target, and not only that, I uncovered two bugs from that target. So in this blog, I am going to talk about those two bugs.

First bug
I found this bug by accident. I check the page source of the targeted website daily, and there I found some code showing how the login page is validated. In that code I found /welcome as an admin login directory, which looks like this: https://attacker.com/admin/welcome.
It did not work: it went to the welcome page but automatically redirected to the login page. So I decided to check the page source, and I found code like this: <script>window.location.href = '../index.php';</script>
Then I opened my weapon, Burp Suite, the most important tool for a hacker, like a Brahmastra, but this is no time for jokes, so let's focus on the vulnerability. I opened Burp Suite and intercepted the request for the admin/welcome page in order to intercept the response.
Then I deleted the script that kept it from going to the admin page, and boom, I sent the response to the browser and it logged in to the admin page successfully.
This time I had all permissions to edit this website.
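The root cause of the first bug is that the server sent the admin page to everyone and left the redirect to a script inside the response body. The sketch below is an added example, not the target site's code; the handler names, the session dictionary and the sample markup are hypothetical. It puts that pattern next to a server-side check and a regression test for it:

```python
from functools import wraps

LOGIN_URL = "../index.php"           # redirect target quoted in the write-up
ADMIN_HTML = "<h1>Admin panel</h1>"  # constructed sample markup
JS_REDIRECT = "<script>window.location.href = '../index.php';</script>"


def welcome_vulnerable(session):
    """Flawed pattern: the server always sends the admin markup and relies
    on a script in the body to send unauthenticated visitors away."""
    prefix = "" if session.get("is_admin") else JS_REDIRECT
    return 200, {"Content-Type": "text/html"}, prefix + ADMIN_HTML


def require_admin(handler):
    """Server-side guard: decide before any protected body is produced."""
    @wraps(handler)
    def guarded(session, *args):
        if not session.get("is_admin"):
            # Redirect with a status code and header; the body stays empty,
            # so editing the response in transit reveals nothing.
            return 302, {"Location": LOGIN_URL}, ""
        return handler(session, *args)
    return guarded


@require_admin
def welcome_hardened(session):
    return 200, {"Content-Type": "text/html"}, ADMIN_HTML


@require_admin
def save_page_hardened(session, new_content):
    # State-changing admin actions need the same check, not only the view.
    return 200, {"Content-Type": "text/plain"}, "saved %d bytes" % len(new_content)


def leaks_protected_content(response, marker="Admin panel"):
    """Regression check for an unauthenticated request: fail if the response
    is a 200 or carries protected markup, whatever script it also contains."""
    status, _headers, body = response
    return status == 200 or marker in body
```

Running `leaks_protected_content` against every admin route with an empty session in the test suite catches this class of mistake before release.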
Second bug
Critical Vulnerability Found: SQL Injection and IDOR Exploit on Website
I found a critical vulnerability, a simple one involving the MySQL database, caused by a vulnerable parameter in the website, for example https://attacker.com/fees/payout/?id=1094/, where the id parameter is vulnerable. I then used sqlmap to find the database and, boom, successfully got account names, passwords, credit and debit, Aadhaar, PAN card, etc. So this parameter has an IDOR vulnerability for users who pay money.
Those are the bugs I found in the website. If you are a beginner just getting into bug bounty, try to understand a little bit of code, because it gives you an idea of how a website works. But the more important thing is recon: if you do not do recon correctly, you miss the opportunity to find bugs.
So that’s all from my side. I hope you enjoyed this blog. Keep spreading knowledge.
Bye.
Yours,
CYTERNER