Bug Bounty Challenge: Day 4/15–12/03/2024

Wallotry
3 min readMar 12, 2024

--

Welcome to Day 4. Today’s post will be a bit different.

I woke up this morning to my rate-limit report (mentioned in one of the previous posts) and It was closed as an informative, honestly, I wasn’t that surprised.

If you read yesterday’s post then you’d know that I mentioned reporting a vulnerability I found yesterday, but I’ve been second guessing reporting it because I can see the odds of it being closed as an informative being high therefore I’ve been researching ways to escalate this issue beyond a low/informative territory, I’ll keep doing research, coming up with Ideas but on the 14/02/2024 I must have that report ready even if I feel like it’ll get closed as an informative, I’ve had reports I thought were informative, get triaged and the ones I thought were not get closed as such, It is a confusing process but what I try to keep in mind is that you never know until you receive feedback and what do you have to lose? Is it a report getting closed as informative? What do you have to gain? A bounty!

I’ll start with how I improve myself as a hunter — the first thing I do every day before I hack is reading write-ups and do some research, this is to stay up to date with the knowledge being shared within the community.

How do I stay motivated? I started this challenge because I had zero motivation to hunt even though I knew I wanted to (It is a confusing feeling), the spark was never there so I decided to create my spark through this challenge and if you have no motivation, I invite you to join me, and challenge yourself. The second answer is — When you don’t feel like any part of you wants to hack, do not force yourself, but it is important to be able to tell when it is laziness and when it is your mind telling you to go touch some grass and take a walk, I think it’s an important skill to have as a hunter.

On the matter of finding vulnerabilities, I think that most of us are scared of actually hunting, and investing the time necessary, I am guilty of this, so I try to use my programming knowledge for automation and hacking knowledge for manual hacking and just commit even if the irrational part of my mind tell me otherwise. Pick a target and tell yourself you’ll be spending this amount of time on it before hopping from one program to another. Basically, actually invest time into your target and hack everything you can get your hands on, and you’ll see for yourself what come next :)

I hope that answers your questions, I am still learning a lot myself, so if you have any constructive feedback, feel free to share it, I’ll be glad to receive it.

See you on the 14th ❤

--

--

Wallotry
Wallotry

Written by Wallotry

I'm just addicted to hacking.

Responses (1)