Welcome to Day 2. I found 5 vulnerabilities, but I decided not to report any one of them.
The first vulnerability was that “an attacker can purge web cache” and the impact of this is informative based on previous experiences, so I kept on hacking without reporting it.
The second vulnerability was an open redirect in the program’s main domain. I found this by sending the request to Burp’s Intruder tab and using an “open-redirect” wordlist, and I got a positive result on one of the requests. I was excited, then I decided to double-check the scope, and the vulnerability is out-of-scope.
The third vulnerability was an information disclosure but with a twist. Let’s take a look at the image below:
As you can see, I’ve found a sensitive file exposed, but there’s a problem: there’s no sensitive data.
The fourth bug was an exposed Google API Key. I honestly still don’t know if this is a real vulnerability or not; I’ve seen tweets mocking hackers who report this, and I’ve seen a POC where the API Key is used to cause a financial impact. If you’ve got your report triaged for this bug, please let me know; your feedback is much appreciated.
And for the final 5th vulnerability (it’s multiple vulnerabilities) — a WordPress information disclosure. I’ve seen reports get paid for this bug before, but I don’t think it’ll get triaged, therefore I decided not to report it. Overall, it was a good day, had a lot of fun.
See you tomorrow❤