Hi Guys,
Recently I came across a vulnerability that I would love to talk about.
I was invited to a private HackerOne bug bounty program of a well-known porn site.
I logged into the site and opened some random porn video. There were multiple comments in the comment section of that porn video and also there was a “report” button to report offensive or spam comments.
I clicked that button and intercepted the request with Burp Suite.
It was a surprise to see that the comment content (“nice”) was getting sent as a request parameter named “text”.
That was something very unusual.
After intercepting the request I changed the text parameter’s value from “nice” to something else like “Some Offensive Text” and then observed the response:
As you can see in the above screenshot of the HTTP response, it showed {\”message\”: \”ok\”} in the response confirming that the tampered value has been sent in the report request.
Now upon investigation it was realised that these offensive/spam comment reports were being analysed manually and that certain actions were being taken against offensive/spam users, including the deletion/suspension of their accounts. Since the site only allowed paid users to log in, there would be a financial impact on a user if anyone reported their comment with tampered content and, as a consequence, the user's account got suspended.
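The root cause described above is that the report request carried the comment body in the client-controlled "text" parameter. As an added example (not code from the site or from this write-up), the sketch below contrasts a handler that trusts that parameter with one that loads the comment server-side; the "comment_id" parameter, the in-memory store and all function names are assumptions.

```python
# Added illustration: COMMENTS, Comment and build_report_* are hypothetical names.
from dataclasses import dataclass


@dataclass(frozen=True)
class Comment:
    comment_id: int
    author: str
    text: str


# Constructed sample data standing in for the site's comment store.
COMMENTS = {101: Comment(101, "alice", "nice")}


def build_report_vulnerable(params: dict) -> dict:
    """Trusts the client: the moderator sees whatever 'text' the reporter sent."""
    return {"comment_id": int(params["comment_id"]),
            "reported_text": params["text"]}


def build_report_hardened(params: dict) -> dict:
    """Takes only the comment id from the client and loads the text server-side."""
    comment = COMMENTS.get(int(params["comment_id"]))
    if comment is None:
        raise LookupError("unknown comment")
    report = {"comment_id": comment.comment_id,
              "author": comment.author,
              "reported_text": comment.text,  # authoritative stored copy
              "tamper_suspected": False}
    # A client-sent 'text' is never stored; a mismatch is only flagged for review.
    supplied = params.get("text")
    if supplied is not None and supplied != comment.text:
        report["tamper_suspected"] = True
    return report


# Constructed request: "nice" was replaced with other text before it was sent.
TAMPERED = {"comment_id": "101", "text": "Some Offensive Text"}

if __name__ == "__main__":
    print(build_report_vulnerable(TAMPERED))
    print(build_report_hardened(TAMPERED))
```

With the hardened handler the moderator always reviews the stored comment, and a mismatching "text" value becomes a signal about the reporter rather than evidence against the comment's author.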
The bug was accepted and a bounty was paid for the responsible disclosure.
That’s the happy ending I guess.
I hope you enjoyed reading.
Don’t forget to read my other write-ups.
Happy Hacking :)