My first Critical Bug

Abhishekgk
2 min readJun 23, 2021

--

  • Hello everyone this is my first writeup in medium.
  • I am a cyber security student.
  • I like to learn new things in cybersecurity field, and want to improve myself everyday.
  • I recently participated in Bug Bounty Programs
    I usually forget to look at the scope of program 😅,because of which all the vulnerabilities I report to program was considered not applicable 💔.
  • Recently I enrolled in a program(example.com),and I started my usual path of finding subdomains and if I find some interesting domain,then I will do directory brute forcing on it.
  • Then, I found example.com/admin directory and I saw a login page.
  • I used default credentials to login into it and it was not successful.
  • Then, I looked into the source code and then I did not get anything useful until i noticed javascript file link in the bottom of source code.
  • It was like example.com/admin/xyz/jQuery.js.
    There was no useful information there , but then I tried to move one directory back (example.com/admin/xyz), and it was 403 page.
  • I moved another directory back(example.com/admin), and I saw the dashboard.
  • I was admin, even without logging in as one.
  • If I directly try to access example.com/admin, it asked for a password, but, if I repeated the previous steps,it did work and I was admin again.
  • I did not know why it was happening, and I reported it to program.
  • It was my first Critical bug, and I was excited.
  • As usual, it was out of scope, and it was tagged as not applicable:-):-).
  • I decided to not repeat this anymore, and will find more bugs in future.
  • If you know why the application behaved in this way, and why did this security flaw happened, or if you want to contact me,

Ping me here http://twitter.com/abhishek3141Pie

--

--