Database Info Disclose by Client-Side DOS


#$ubh@nk@r

Intro: Hello hackers!! 😃 Today I will discuss a Client-Side DOS attack and how I found one in a Bug Bounty Program, where it disclosed some database information that can sometimes be sensitive. So let’s jump into it.

On that website I basically tried to register as a user. But in the Name field I input a huge string like: aaaaaaaaaaaaaaaa……………………………

It is like this. The Endpoint is /rest/auth/signup.

So after inputting a lot of data as a string, the database cannot handle it properly, which causes an Internal Server Error (DOS).

So after analyzing the response I found that it discloses the database and table name, along with which database it is using.

[Screenshot: Table Name (not showing all information)]
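The fix side of this finding, as an added example that is not from the original post or the affected site: a signup handler that echoes the driver error next to one that validates the name length and keeps database errors in the server log. The `sqlite3` backend, the `app_users` table, `MAX_NAME_LEN` and both handler functions are assumptions made for illustration.

```python
import json
import logging
import sqlite3
import uuid

log = logging.getLogger("signup")
MAX_NAME_LEN = 64  # assumed limit; match it to the real column width


def make_db():
    # Constructed schema: the CHECK stands in for a fixed-width column
    # that makes the database reject an over-long name.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE app_users (name TEXT CHECK (length(name) <= 64))")
    return db


def signup_leaky(db, body):
    """'Before': the raw driver error is echoed to the client."""
    try:
        db.execute("INSERT INTO app_users (name) VALUES (?)", (body["name"],))
        return 201, json.dumps({"status": "created"})
    except sqlite3.Error as exc:
        return 500, json.dumps({"error": str(exc)})  # schema detail leaks


def signup_hardened(db, body):
    """'After': reject bad input early, keep DB errors server-side."""
    name = body.get("name")
    if not isinstance(name, str) or not 1 <= len(name) <= MAX_NAME_LEN:
        msg = f"name must be 1-{MAX_NAME_LEN} characters"
        return 400, json.dumps({"error": msg})
    try:
        db.execute("INSERT INTO app_users (name) VALUES (?)", (name,))
        return 201, json.dumps({"status": "created"})
    except sqlite3.Error:
        ref = uuid.uuid4().hex  # correlation id ties the reply to the log
        log.exception("signup failed ref=%s", ref)
        return 500, json.dumps({"error": "internal error", "ref": ref})
```

The length check should be enforced on the server, since a limit applied only in the browser form is bypassed by sending the request directly.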

So that’s the way I found this vulnerability. Hope you learned something new!!

THANKS FOR READING!

If you like it, don’t forget to like it and follow me for more articles.

Happy Hacking
