How I find my first P1 level Bug.

3 years ago 261

BOOK THIS SPACE FOR AD

ARTICLE AD

Hello Hunters,

This is my second blog, Today I will share a write-up about how I was able to See the user sensitive information on a Private Program on BugCrowd.

Before reading this report go check out my first report.

I can't disclose the program name so assume it as www.examle.com

I was Testing for XSS on this website so I started testing on different parameters.So what I did is open my burp capture the request and spider the host, I saw many parameters over there.Testing on the huge parameter will actually take a lot of time so I tested on 10–12 parameters but no results for me.So next I try to do a store XSS on first name and last field, but I was not able to write the script on first and last name, So what I did is capture the request in burp and change the first name and last name and dang my script was stored but unfortunately, the script is not getting executed.So i thought to send the capture request of first name and last name to intruder and I just select those parameters.So I have a payload list I just fire the payload list.Dang I see my Payloads are getting executed with 200 response and a huge number of length.So I just sort the length and check the response for the highest length. But still I was not able to get any XSS pop upI was checking each response but no results.Suddenly I saw the URL on the browser it is like https://something/api/xyz18/idI was able to see my user id number specified to me over there. I found something Juicy over there so I just change the I’d up down and