Osu! Mina-san

I’ll be telling y’all how I got my first bounty after six months of hunting regularly.

It was an unlisted program, let’s call it example.com. (Always wanted to say this :”) )

So I started hunting on the site with some basic sub-domain enumeration and validation. After validating the sub-domains now it was time to start fuzzing these babies to get some sensitive info. (Evil laugh)

I started my Virtual Machine and started fuzzing the list of sub-domains, at first I did not find anything impactful which sadly continued till the end of the list until I got a ‘test’ endpoint. Normally this endpoint wouldn’t disclose anything crucial but luckily it redirected me to some private data being leaked and there you have it. (Private data being leaked: CV of a personal employee)

URL: https://abc.example.com/test

Tool: https://github.com/maurosoria/dirsearch

– – – – – – – – – – – – – – – – – – – –

Reported on: 26th March 7:33 PM

Triaged on: 26th March 8:27 PM

Rewarded on: 2nd April with 1,000 Rs gift card :)

Thanks for reading, until next time.

Saraba da!

Cyber Security Analyst