Hello Everyone (Ram Ram Ji),
Today I wanna talk about one of my unique and quickest findings on a HackerOne private program. It was all about admin panel access. So let's get started.
1) Bypass scenario for the admin login page:
I picked one of their assets from that program, and while accessing that URL I simply appended the /admin directory to the end of that asset. I got a 403 error on that page. So I thought, why not give it a shot and bypass that 403 error? After that, I performed some techniques to bypass the 403 error, but with no success. Later, I thought, why not change the Host header value of that request? Then what I noticed was that the 403 error disappeared and the Admin Panel Login Page appeared with a 200 OK status code.
The requests looked like this:
Original Request/Response:
GET /admin HTTP/1.1
Host: redacted.com
HTTP/1.1 403 Forbidden
Access Denied
Modified Request/Response (Bypass):
GET /admin HTTP/1.1
Host: google.com
HTTP/1.1 200 Ok
Admin Panel Login Page (source code)
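The behaviour above is what you get when the restriction on /admin lives on one named virtual host while an unrecognised Host value falls through to a catch-all vhost that never had the rule. The model below is an added example written for this post, not code from the program or the author; the two-vhost layout, the blanket deny on /admin, the hostname redacted.com, the 421 response and the sample log lines are all assumptions. It shows the weak routing beside a hardened version that validates the Host header and applies the /admin rule before any vhost dispatch, plus a small log check a defender can run to spot requests that reached /admin under a foreign Host.

```python
"""Model of a Host-header access-control bypass and its fix (added example).

Assumptions (not from the original write-up): the /admin deny rule is
configured only on the named vhost for redacted.com, a catch-all default
vhost serves any other Host value, and both vhosts front the same backend.
"""
from dataclasses import dataclass

CANONICAL_HOST = "redacted.com"   # placeholder taken from the write-up
ALLOWED_HOSTS = {CANONICAL_HOST}  # every hostname the server should answer for


@dataclass
class Response:
    status: int
    body: str


def normalize_host(host: str) -> str:
    """Lower-case the Host header and strip an optional port and trailing dot,
    so 'Redacted.com:443' and 'redacted.com.' compare equal to the canonical name."""
    host = host.strip().lower().rstrip(".")
    if ":" in host and not host.startswith("["):
        host = host.split(":", 1)[0]
    return host


def _vhost_named(path: str) -> Response:
    """Named vhost: /admin is restricted here (modelled as a blanket deny)."""
    if path.startswith("/admin"):
        return Response(403, "Access Denied")
    return Response(200, "public page")


def _vhost_default(path: str) -> Response:
    """Catch-all vhost: same backend, but nobody copied the /admin rule here."""
    if path.startswith("/admin"):
        return Response(200, "Admin Panel Login Page")
    return Response(200, "public page")


def route_weak(host: str, path: str) -> Response:
    """Weak routing: an unknown Host silently falls through to the default vhost,
    so the access rule depends on a value the client controls."""
    if normalize_host(host) == CANONICAL_HOST:
        return _vhost_named(path)
    return _vhost_default(path)


def route_hardened(host: str, path: str) -> Response:
    """Hardened routing: reject any Host not in the allow-list (421 Misdirected
    Request), then enforce the /admin restriction globally before dispatching,
    so no individual vhost can accidentally omit it."""
    if normalize_host(host) not in ALLOWED_HOSTS:
        return Response(421, "Misdirected Request")
    if path.startswith("/admin"):
        return Response(403, "Access Denied")
    return _vhost_named(path)


# Constructed sample access-log lines: "<host> <path> <status>".
ACCESS_LOG = [
    "redacted.com /admin 403",
    "google.com /admin 200",
    "redacted.com / 200",
    "REDACTED.COM:443 /admin 403",
]


def find_admin_host_mismatches(lines):
    """Defender check: return log lines where /admin was requested under a Host
    that is not one of ours. A 200 in such a line is the bypass signature."""
    hits = []
    for line in lines:
        host, path, _status = line.split()
        if path.startswith("/admin") and normalize_host(host) not in ALLOWED_HOSTS:
            hits.append(line)
    return hits


if __name__ == "__main__":
    for host in ("redacted.com", "google.com"):
        print(host, "weak:", route_weak(host, "/admin"), "hardened:", route_hardened(host, "/admin"))
    print("suspicious log lines:", find_admin_host_mismatches(ACCESS_LOG))
```

The fix has two independent parts, and a server needs both: validating the Host header closes the catch-all route, and hoisting the /admin rule above vhost dispatch means a future vhost added without the rule does not reopen the hole.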
2) Accessing the admin panel:
This is my favorite part of the finding. Well, whenever I test any admin panel, my first priority is always to enter admin/admin as the username and password, and luckily this worked here and I got access to the admin panel.
June 30, 2018 — Reported to Private Program
June 30, 2018 — Report Triaged
July 05, 2018 — Vulnerability fixed
July 22, 2018 — Bounty of $1500 USD awarded
Special thanks to nullr3x (Big Bad Bro 🤑)