LEFT SIDEBAR AD

Hidden in mobile, Best for skyscrapers.

How I Found My First P1 Bug ??

2 days ago 9
BOOK THIS SPACE FOR AD
ARTICLE AD

Anonstrk

Hello everyone, this is the first bug I have found.

Shall we begin? Let me tell you, it’s part of a VDP program, and this is a P1 vulnerability.

When I started hunting on this website, I used my own methodology, which we can discuss in another blog.

When I began hunting on the main domain, I didn’t find anything because it was secure. After that, I started searching for subdomain URLs using WaybackURLs. I found a lot of URLs, so I checked them manually, one by one. It was a really hard task, but I used the Bulk URL Opener extension in Chrome. After that, I found an admin panel.

I tried logging in with default credentials like ‘admin’/’admin.’ I created some permutations of default usernames and passwords and applied them one by one. Eventually, I logged in using default credentials and accessed the dashboard.

After I reported the bug and received swag from the company, I was very happy at that moment.

Read Entire Article
  3. How I Found My First P1 Bug ??

Related

Single endpoint leads to two bounties!(400$)

Single endpoint leads to two bounties!(400$)

Breaking Boundaries: Discovering Session Invalidation Failures in User Roles

Breaking Boundaries: Discovering Session Invalidation Failures in User Roles

Google Warns of Samsung Zero-Day Exploited in the Wild

Google Warns of Samsung Zero-Day Exploited in the Wild

Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attacks

Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attacks

Ransomware Alert: Cicada3301 Emerges as Successor to BlackCat

Ransomware Alert: Cicada3301 Emerges as Successor to BlackCat

Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers

Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers

Trending

1. Siddique
2. Arsenal vs Shakhtar Donetsk
3. Share market today
4. North Korean South Korea
5. Indian airlines bomb threats
6. Prithvi Shaw
7. China
8. Anupam Kher
9. Godavari Biorefineries IPO
10. Lidia Thorpe

Popular

1-click RCE in Electron Applications

1-click RCE in Electron Applications

Install waybackurls on Kali Linux

Install waybackurls on Kali Linux

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Microsoft Office Professional Plus 2019 (x64 & x86) Multilingual + Pre-Activated

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Over 40 Apps With More Than 100 Million Installs Found Leaking AWS Keys

Install DalFox on Kali Linux

Install DalFox on Kali Linux

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Adobe Master Collection CC 2022 v25.08.2022 (x64) Multilingual Pre-Activated

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

Maxon CINEMA 4D Studio S22.123 (x64) Multilingual + Crack

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

‘We are not motivated by profits’ – Open Bug Bounty maintainers on finding a niche in the crowdsourced AppSec market

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

Just Gopher It: Escalating a Blind SSRF to RCE for $15k

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

SketchUp Pro 2020 v20.2.172 (x64) Multilingual + Patch

BOOK THIS SPACE FOR AD
RIGHT SIDEBAR BOTTOM AD
Bengali (Bangladesh) Bengali (Bangladesh) · English (United States) English (United States) ·
About Us · Terms & Condition · Contact Us
© Security Alert 2024. All rights are reserved