How I found High-Priority PII leak through web archive

4 months ago 20

Aditya Singh

Hello Hackers, Aditya here I am a cyber security student and bug bounty hunter.

This is my first bug hunting write-up. This program doesn’t allow disclosure so we are assuming as an

so, it all started 5 months ago when I was doing way back URL recon on after spending 10minutes I found an interesting endpoint (token=) That discloses 100+ clients Payment information, phone no, email names.

Here are the steps on how I found the bug and how you can find it too.

Go to the way back URL**&collapse=urlkey&output=text&fl=originaland in place of * enter your target domain for eg- *

3. Then just simply press ctrl+f and start looking for interesting endpoints

4. Here are the list of some endpoints that you can search

Search for =http, =/, =%2F, api, access, token, .json, admin, aws, .js, config, /v1, /v2, /v3, dashboard, oauth, url, uri, (For getting some subdomains), ey (for jwt), auth, internal, dev

5. i have search for token=

6. and found the URL which leaked high priority pii.


Reported Bug on — Aug 23, 2021

Got a reply of closing the report on — Aug 30, 2021

Reopening of Report and Bounty — Jan 10, 2021

Bounty Amount — Rs. 10,000

Thank You For Reading, have a great day.

Social media handles:-

LinkedIn —

Instagram —

Read Entire Article