LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

How i earned easy$$$ by deleting user comments on any post

3 weeks ago 20
BOOK THIS SPACE FOR AD
ARTICLE AD

Le_Merdien

Hello everyone , i wanted to share with you one of my easiest findings that can make you $$ easily . So lets talk briefly about the program that i was hunting on to give you the big picture . Its like a shopping program and you can share these items with other users or friends by a link so when you share it between your group you create a post on this item something like this in following picture .

sharing the item create a post visible between the people you shared with.

At the begging i tried accessing the post without have a link or permission by simply creating a post from the “Attackers” account and change the method endpoint to GET and remove the parameter from the request and try to access the post details without any link or invitation to the post

Attacker created a post on his account by sharing it with anyone

Then after changing the “POST” to “GET” and remove the parameters in the body and swap the post ID in url :its the number after the V1 by the victims post ID i accessed the post details and it worked fine a simple IDOR but then i tried to delete the users comments and likes from the post and the only one who…

Read Entire Article
  3. How i earned easy$$$ by deleting user comments on any post

Related

How I got my first Hall of Fame - Bug Bounty

How I got my first Hall of Fame - Bug Bounty

Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet

Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheet

$3 Billion Crypto Exchange XT Allegedly Hacked

$3 Billion Crypto Exchange XT Allegedly Hacked

Hackers Steal $17 Million from Uganda’s Central Bank

Hackers Steal $17 Million from Uganda’s Central Bank

Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins

Small Bugs, Big Bounties: A Hacker’s Guide to Quick Wins

Critical Vulnerability Discovered in Zabbix Network Monitoring Tool

Critical Vulnerability Discovered in Zabbix Network Monitoring Tool

Trending

1. The Sabarmati Report
2. Hunter Biden
3. Amitabh Bachchan
4. Yeontan
5. Odisha Police Constable Admit Card
6. Sundar Pichai
7. Skoda Kylaq
8. Shalini Passi
9. Suraksha Diagnostic IPO GMP
10. Filmfare OTT Awards winners

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Autodesk Revit 2023 R1 Build 23.0.11.19 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved