A duplicate P1’s story.

4 years ago 170

Damanpreet Singh

Hey guys, I hope you all are doing well. In this write-up, I am sharing the story of a P1 bug that turned out to be a duplicate. I hope you will enjoy this write-up😊.

If someone can learn something new, then why shouldn't I share?

Let's start…

5–6 days ago, I was browsing the Bugcrowd program list. I was just analysing each program's reward amount, resolved reports, etc. I picked a target, let's say target.com. The reward amount was good, resolved reports were under 200, and known unique issues were also few. So, I thought I'd give it a try.
I gathered subdomains and started visiting them one by one. In 6–7 hours I didn't get anything interesting; I visited almost every one of their subdomains. So I thought I'd take a break for some time.

After a break, I started passive recon. I searched for the company name on scribd.com, trello.com, repl.it, and did some Google dorking. There too, I didn't get anything special.

Then I started GitHub recon, and in 5 minutes I got this:

Someone had updated these about 20 hours ago. I reverse-searched that IP, and it was my target's IP. BOOOOOM, their MySQL creds. Then I searched for LDAP, and:

These LDAP creds were updated 3 days ago. I was like:

Also, I got some AWS keys and api_keys, but they were quite old (2018), so I decided not to report them. I quickly made a PoC and reported them.
After about 1 day, I received a mail saying that this was a duplicate.

Why, why are there duplicates????

I hope you enjoyed this write-up; if yes, then share. Because, why not?😂
