Hey Folks, I am Ski Mask and I recently started bug bounty. In this write-up, I will tell you about one of my findings!!
So I was hunting on this private program on Bugcrowd; let's call it Test.com.
I recently read this blog about how you can calculate the favicon.ico hash to find a company’s internal assets and IP addresses; you can find the blog here.
What is favicon.ico?
The little icon a site serves at the endpoint test.com/favicon.ico.
How to calculate the favicon.ico hash?
There are many ways to calculate it: you can refer to the blog I mentioned above, or you can use this website that calculates the favicon hash for you.
After you have calculated the favicon hash, you need to find the company’s assets and IP addresses using Shodan.
Use a query like this: http.favicon.hash:<the hash> (no space after the colon).
Add 200 to the query to restrict the search to pages that return 200 OK!!
So I found one IP address using this method. After that, it was just simple directory fuzzing: I found a /.backup file that was leaking MySQL credentials.
Unluckily, the credentials were not valid anymore, so they changed the status to P4 and rewarded $100.
That’s all for the write-up.
Hit me up on my Twitter!!