.png)
11 months ago
53 BOOK THIS SPACE FOR AD
ARTICLE ADSo hello everyone, this is my first medium blog and first blog on bug hunting . So,without any delay, let’s move to today’s blog.
I cannot disclose the domain name so let’s call it xyz.com. My first methodology is doing recon. I tried to fuzz the hidden directories and tried Google Dorks to find some juicy content. But at last, I didn’t found anything. Now comes one of my favorite tool waybackurls. If you don’t know anything about this tool you can search it on google. You can download this tool from here: https://github.com/tomnomnom/waybackurls
After getting all the URLs, I searched for some hidden content for one hour. Suddenly, I came across one URL with some JWT tokens. I pasted the URL on my Chrome and guess what, I got added to the project of some organization. So it was the invitation link for editing the project. There were many such links in waybackurls. If an attacker gets access to those links, he could perform any action on the project.
I immediately prepared a report on my bug and after 2–3 days I got a reply from them that said your report is duplicate. Well, at least I learned something from this.
I hope you enjoyed my blog. I will be back with more such blogs on bug bounty.
Bengali (Bangladesh) · 
English (United States) ·