1000$ Bounty in less than 30 Seconds via the power of custom wordlists


0xRasputin

Hey folks, here is 0xRasputin AKA Abdullah Ahmed, and let’s crash a new easy bounty.

So the target is an H1 Public Program for a massive US company with a massive scope. Let’s refer to it as target.com.

Over 2 months I submitted 6 reports, varying between Duplicate, N/A and Info, but those frustrating reports were very important in order to understand the massive scope and the triagers' behavior.

So let’s dive into the thing. I started by doing some recon, collecting a bunch of subdomains. You can use any tools, but below are my favourites.

Assetfinder -> Rapid as hell -> https://github.com/tomnomnom/assetfinder
Amass -> Great at Large scopes -> https://github.com/owasp-amass/amass
Subfinder -> Make sure to feed it some APIs -> https://github.com/projectdiscovery/subfinder

So, to make the short story shorter, I found a boring subdomain.redacted.target.com. It was not even interesting at all, but through the last month of hacking this target I was ready with my custom fuzzing wordlist, and right away I fired my dirsearch. You can install it from the link below.

And Boooom, in less than 30 seconds I found a little directory which contained a bunch of internal usernames and passwords for internal critical services and employees.
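Seen from the defender's side, a wordlist run like this one appears in the web server's access log as a burst of distinct 404s from one client, followed by the few paths that answered. The following is an added example, not part of the original article: it flags such bursts and lists what the client fetched successfully. The combined log format, the 30-second window, the threshold of 25 misses, and all IPs and paths are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "\S+ (\S+) [^"]*" (\d{3}) ')

def build_sample_log():
    """Constructed combined-format access log; IPs, paths and times are made up."""
    t0 = datetime(2024, 1, 1, 12, 0, 0)
    fmt = lambda s: (t0 + timedelta(seconds=s)).strftime("%d/%b/%Y:%H:%M:%S +0000")
    rows = [("203.0.113.7", i // 2, f"/guess{i}/", 404) for i in range(40)]  # wordlist misses
    rows.append(("203.0.113.7", 21, "/old-backup/", 200))                    # the one hit
    rows += [("198.51.100.20", 5, "/", 200), ("198.51.100.20", 9, "/favicon.ico", 404)]
    return [f'{ip} - - [{fmt(s)}] "GET {p} HTTP/1.1" {st} 512' for ip, s, p, st in rows]

def find_forced_browsing(lines, window=timedelta(seconds=30), min_misses=25):
    """Return {client_ip: {"misses": n, "hits": [paths]}} for scanner-like clients."""
    events = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, ts, path, status = m.groups()
        when = datetime.strptime(ts, "%d/%b/%Y:%H:%M:%S %z")
        events[ip].append((when, path.split("?")[0], int(status)))
    findings = {}
    for ip, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1  # slide the window forward
            misses = {p for _, p, s in evs[start:end + 1] if s in (403, 404)}
            if len(misses) >= min_misses:
                burst_start = evs[start][0]
                # Everything this client fetched successfully since the burst began
                # is what the scan discovered and needs review first.
                hits = sorted({p for t, p, s in evs if s == 200 and t >= burst_start})
                findings[ip] = {"misses": len(misses), "hits": hits}
                break
    return findings

if __name__ == "__main__":
    for ip, f in find_forced_browsing(build_sample_log()).items():
        print(ip, f["misses"], "distinct misses; fetched OK:", f["hits"])
```
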

I reported it as HIGH, and in less than 2 weeks I got my juicy easy 1000$.

Hope you guys like it, and remember one important thing: persistence is the only guarantee for success.

Happy hacking…
