How you can get yours too.
Hi, I’m Rivek Raj Tamang (RivuDon), a Security Researcher, Bug Hunter, and an Ethical Hacker currently pursuing a Master’s in Cybersecurity.
Here’s how I earned my first Letter of Appreciation and a Hall Of Fame.
Feel free to connect and get in touch with me; you can find out more about me on my LinkedIn, I am active there.
So, let’s start with another tale of how I got my first Letter of Appreciation and a Hall of Fame. This one was a true test of Patience, Persistence, Determination and Hard Work. Eventually I persevered and it was fruitful.
The hunt begins
I put my hacking hat on, selected a target and set out to find bugs and vulnerabilities.
My target was drexel.edu: they not only provide a Letter of Recognition but also Hall of Fame recognition on their website.
Like any bug hunter I did the usual Recon, Information Gathering and collected Subdomains.
After collecting several subdomains, I began my hunt.
While going through several subdomains I found out that they were using WordPress a lot. I initially did not have any clue on how to hunt on WordPress, so I started researching at the same time. The first thing I found out was Directory Listing enabled, so I used some basic dorks like
site:*.drexel.edu inurl:index of/
But I had no luck.
Unlucky
So I learnt about another bug, which was Author Name disclosure via the REST API.
To find it, just go to any website running WordPress and open this path:
target.com/wp-json/wp/v2/users
This will list the author names and sometimes PII as well, if you’re lucky.
So I finally found something: I was able to access the authors’ names and get a list of several authors with their emails.
I quickly made a report on it, attached Video POC, Screenshot, and all the essential ingredients of a good report and hit the send button. I was hoping for the best.
Excited for their response
After a week of waiting excitedly for the response I finally got an email. Which was …
But I was determined. As I said earlier, a lot of subdomains were using WordPress, which meant I could easily replicate the same and report it. And I did exactly that. I reported again, waited for a few more days, and guess what the response was?
Me literally after receiving so many Duplicates
Duplicate again!
I then decided I would find out more about how I can exploit WordPress, so I went all in: read tons of articles, read reports and watched a lot of POC videos on WordPress exploits and vulnerabilities.
So much so that I can now literally give a masterclass on WordPress; I have a few tricks and tips up my sleeve.
*Do contact me if you really want to learn it as well.*
Anyway, in short, I reported a whopping 22 bug reports.
Shocking right ?
But for me it felt like a battle I had to keep fighting until I was successful, and I was very determined to get the letter and the Hall of Fame.
The success of persistence and determination.
Finally, after countless Duplicates (I was even sending 2–3 reports per day), after literally 3–4 weeks of reporting and getting responses of Duplicate, I finally received an email which had …
I received 5 Valid Bug confirmations on bugs like:
xmlrpc.php file enabled and exploitation
wp-cron.php file enabled and exploitation
Server version disclosure and Security Misconfigurations
Note: I will be writing a detailed writeup on WordPress Exploitation and Vulnerabilities. So stay tuned.
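For the defenders reading this, here is an added example (my own code, not Drexel’s and not WordPress core) of a must-use plugin that closes two of the findings above from the site-owner side: it hides the /wp/v2/users REST routes shown earlier from unauthenticated requests and switches off XML-RPC. The plugin name and file location are my own choices.

```php
<?php
/*
 * Plugin Name: Harden REST users endpoint and XML-RPC (added example)
 * Save as wp-content/mu-plugins/harden-rest-xmlrpc.php so WordPress loads
 * it on every request without activation.
 */

// 1. Remove every /wp/v2/users route for visitors who are not logged in.
//    Unauthenticated GET /wp-json/wp/v2/users (or ?rest_route=/wp/v2/users)
//    then returns a 404 "no route" instead of author slugs and names.
add_filter( 'rest_endpoints', function ( array $endpoints ) {
    if ( is_user_logged_in() ) {
        return $endpoints; // the block editor still needs this endpoint
    }
    foreach ( array_keys( $endpoints ) as $route ) {
        if ( 0 === strpos( $route, '/wp/v2/users' ) ) {
            unset( $endpoints[ $route ] );
        }
    }
    return $endpoints;
} );

// 2. Disable XML-RPC unless the site genuinely needs it (Jetpack, mobile app).
//    The xmlrpc.php file still exists, but every method call is refused;
//    blocking the path at the web server as well removes the noise entirely.
add_filter( 'xmlrpc_enabled', '__return_false' );
```

Note that this only covers the REST route; the classic /?author=N redirect to the author archive is a separate disclosure that needs its own handling.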
I was extremely relieved to see the response after so many duplicates.
Then after a few days I got an email from their CISO which was titled “Bug bounty Letter of Appreciation” and My name was added to their Hall of Fame.
To all the people out there, I want you to push past yourself to bring out the best of your abilities. Had I stopped after getting duplicates I would have never received the letter nor the Hall of Fame, yet I chose to be determined and persistent. If I can do it, you can too.
“Our greatest glory is not in never falling, but in rising every time we fall.” — Confucius
Stay tuned with me on my bug bounty journey, and don’t hesitate to reach out for advice or collaboration! I will be writing more in the future for sure and sharing my findings, tips and tricks to contribute to the community I learn from every day.
We also have a community of 100+ hackers and bug bounty hunters on WhatsApp, feel free to join: https://chat.whatsapp.com/DD3NTchIGlF9Fg1tRMSpPs
Feel free to connect with me on LinkedIn: https://www.linkedin.com/in/rivektamang/
Also don’t forget to follow me and turn on the notifications to get notified about my next writeup.
Support me to write more content like this by buying me a coffee at buymeacoffee.com/RivuDon
Thank you ❤