Hi there, that's my first write-up, so sorry for my bad English ._.
Story:
I got a private invitation for a program. I cannot say its name, so let's call it redacted.com. It was a trading platform, so I started hacking on the main application without recon. I found that they have a program called “educational program” that you can join by giving them your email and some details.
They have an OTP to check that you are the owner of the email. The code was about 4 digits, it is about 10K tries, and guess what? There was no rate limit protection on the request. So I reported it, waiting for a duplicate, but to my surprise it got triaged, and after a month I got my bounty with a bonus.
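A server-side check that closes this gap, as an added example that is not from the original write-up or the affected program. The names `OtpStore`, `MAX_ATTEMPTS`, `TTL_SECONDS` and `DIGITS`, and the policy values they hold, are assumptions chosen for illustration.

```python
import hmac
import secrets
import time

MAX_ATTEMPTS = 5    # assumed policy: guesses allowed per issued code
TTL_SECONDS = 300   # assumed policy: lifetime of a code
DIGITS = 6          # assumed: longer than the 4-digit code in the write-up


class OtpStore:
    """In-memory store keyed by email (hypothetical; a real service needs a shared store)."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._pending = {}  # email -> [code, expires_at, attempts_left]

    def issue(self, email):
        # CSPRNG, zero-padded so every code has exactly DIGITS digits.
        code = f"{secrets.randbelow(10 ** DIGITS):0{DIGITS}d}"
        self._pending[email] = [code, self._clock() + TTL_SECONDS, MAX_ATTEMPTS]
        return code

    def verify(self, email, guess):
        entry = self._pending.get(email)
        if entry is None:
            return "no_code"
        code, expires_at, _ = entry
        if self._clock() >= expires_at:
            del self._pending[email]
            return "expired"
        entry[2] -= 1  # count the attempt before comparing
        if hmac.compare_digest(code.encode(), str(guess).encode()):
            del self._pending[email]  # single use
            return "ok"
        if entry[2] == 0:
            del self._pending[email]  # attempt budget spent: burn the code
            return "locked"
        return "wrong"


def guess_success_probability(digits, attempts):
    """Chance that `attempts` distinct guesses hit a uniformly random code."""
    return min(1.0, attempts / 10 ** digits)
```

Without a cap, `guess_success_probability(4, 10_000)` is 1.0; with five attempts per code it is 0.0005. Issuing new codes needs its own limit as well, otherwise requesting a fresh code resets the attempt counter.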
Timeline:
Reported: 4/08/2024
Triaged: 8/08/2024
Resolved and got bounty: 15/10/2024