Hello, Infosec Community!
I am Guru Prasad Pattanaik, also known online as “TH3N00BH4CK3R.” Today, I want to share my experience of securing one of the esteemed organizations — the U.S. Department of Energy. This is my first finding of 2025. Do check out my previous blog, ‘How I Ethically Hacked the Indian Army for the Second Time’.
As someone who is still relatively new to cybersecurity, I’ve been focusing on learning the ropes and gaining hands-on experience. Rather than chasing monetary rewards, I’ve been dedicating my time to Vulnerability Disclosure Programs (VDPs). These programs not only help organizations secure their systems but also allow newcomers like me to learn, practice, and grow responsibly.
While reading Medium blogs, I explored writeups around Dorking and WAF bypass techniques. The blog shared some incredible insights, and one method that really stood out to me was the favicon search technique.
Favicon Search Technique
### Step-by-step guide to a favicon-based search
1. Visit the site.
2. View the source code of the site.
3. Search for the "favicon.ico" or "logo.png" file and open it in a new tab.
4. Go to "https://favicon-hash.kmsec.uk/" and paste the URL into the generate hash option.
5. Now search for the generated hash on Shodan and Censys using each website's built-in search dork.
By using this technique, I was able to identify the origin IP of a system that was protected by a Web Application Firewall (WAF). To my surprise, bypassing the WAF gave me unauthorized access to the organization’s email management system. This system allowed me to enter any user’s email address and either subscribe or unsubscribe them without their consent — a clear violation of user privacy and security.
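The example below is added here and is not the author's code. It computes the favicon hash in the form Shodan indexes (a signed 32-bit MurmurHash3 over the line-wrapped base64 of the icon) and uses it from the defender's side to flag hosts that serve your own favicon from outside the WAF's address ranges. The icon bytes, IP addresses and CIDR range are constructed, and `exposed_origins` is a hypothetical helper name.

```python
import base64
import ipaddress

MASK = 0xFFFFFFFF

def _rotl(x, r):
    return ((x << r) | (x >> (32 - r))) & MASK

def _mix_k(k):
    # Per-block scramble from the MurmurHash3 x86_32 reference algorithm.
    return (_rotl((k * 0xCC9E2D51) & MASK, 15) * 0x1B873593) & MASK

def murmur3_32(data, seed=0):
    """Unsigned 32-bit MurmurHash3 (x86 variant) of a byte string."""
    h = seed & MASK
    body_len = len(data) & ~3
    for i in range(0, body_len, 4):
        h ^= _mix_k(int.from_bytes(data[i:i + 4], "little"))
        h = (_rotl(h, 13) * 5 + 0xE6546B64) & MASK
    if body_len < len(data):  # 1-3 trailing bytes
        h ^= _mix_k(int.from_bytes(data[body_len:], "little"))
    h ^= len(data)
    h ^= h >> 16
    h = (h * 0x85EBCA6B) & MASK
    h ^= h >> 13
    h = (h * 0xC2B2AE35) & MASK
    return h ^ (h >> 16)

def favicon_hash(icon):
    """Signed hash over the line-wrapped base64 of the icon bytes."""
    h = murmur3_32(base64.encodebytes(icon))
    return h - (1 << 32) if h & 0x80000000 else h

def exposed_origins(own_icon, observed, waf_cidrs):
    """IPs that serve our favicon from outside the WAF's address ranges."""
    target = favicon_hash(own_icon)
    nets = [ipaddress.ip_network(c) for c in waf_cidrs]
    return [ip for ip, icon in observed
            if favicon_hash(icon) == target
            and not any(ipaddress.ip_address(ip) in n for n in nets)]

# Constructed sample data: fake icon bytes and documentation-range addresses.
OWN_ICON = b"\x00\x00\x01\x00" + b"constructed-favicon-bytes"
OBSERVED = [("198.51.100.10", OWN_ICON),   # WAF edge node
            ("203.0.113.7", OWN_ICON),     # same icon, not behind the WAF
            ("203.0.113.9", b"unrelated-icon")]
WAF_CIDRS = ["198.51.100.0/24"]            # assumed WAF address range

if __name__ == "__main__":
    print(favicon_hash(OWN_ICON), exposed_origins(OWN_ICON, OBSERVED, WAF_CIDRS))
```

Any address this returns is a host that should only accept traffic from the WAF, or should not be reachable from the internet at all.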
I decided to dig deeper into the domain. I used Google Dorks, a powerful tool to uncover sensitive information, and searched for PDF files hosted on the same site. That’s when I stumbled upon a critical endpoint:
*.*.*.gov/registration/*
This endpoint immediately caught my attention because it was unprotected and lacked any authentication. Upon further inspection, I found that it exposed a lot of sensitive personal information (PII), including:
1️⃣ Full names
2️⃣ Email addresses
3️⃣ Phone numbers
4️⃣ Home addresses
5️⃣ Security numbers
I identified 5–6 PDF files containing this information, which could easily be exploited by attackers for malicious purposes.
### Try different combinations of dorks to get the maximum output
#site domain
site:domain.com "INTERNAL USE ONLY"
site:domain.com "PRIVATE AND CONFIDENTIAL"
site:domain.com "CONFIDENTIAL"
site:domain.com "STRICTLY CONFIDENTIAL"
site:domain.com "SENSITIVE"
#inurl keywords
inurl:internal
inurl:private
inurl:folder
inurl:asset
#file extensions
ext:pdf
ext:xls
ext:xlsx
ext:csv
#negative filtering removing the unwanted ones
-public -sample -doc -docs -documentation -template -draft -application -form -support -default
Recognizing the severity of these vulnerabilities, I quickly documented my findings and submitted a detailed report to the organization through their VDP.
To my delight, the organization took my report seriously, patched the vulnerabilities, and even acknowledged my contribution by featuring my name on their Hall of Fame page!
This was my first security finding of 2025, and it has been a truly thrilling experience. With this finding, I learned about new techniques and methods. For anyone new to this field, I’d strongly recommend starting with VDPs. They are a fantastic way to learn, gain experience, and contribute to the security of systems worldwide.
I am incredibly grateful for the constant support and encouragement I receive from the community. Your kind words and feedback motivate me to keep learning and improving every day. This journey wouldn’t have been possible without you all.
Let’s keep learning, growing, and making the internet a safer place together. I’d love to hear your thoughts or experiences — feel free to share them in the comments. Your insights inspire me to do better every day.
Thank you for reading my story!
Don’t forget to like, share, and comment! Keep learning and growing!!
LinkedIn: https://www.linkedin.com/in/guru-prasad-pattanaik/
Instagram: https://www.instagram.com/guru.p05/
Twitter: https://x.com/gurupra9161