Bug Bounty Challenge: Day 6–15/03/2024

Wallotry
1 min readMar 15, 2024

--

Welcome to Day 6.

Remember the vulnerability I said I’d not report yesterday? This morning I woke up with an Idea of how I can escalate the vulnerability and I immediately got to writing the report. There’s still the chance that the report can get rejected, like with any other report, but I’m glad It’s finally done.

I then began mapping out my target endpoint, doing a lot of manual recon, touching everything I could touch, and hours into that I began feeling demotivated, to combat this I decided to read write-ups, and a few hours later I was back, and even more excited about mapping out my target.

I found an HTML injection vulnerability, but I did not report it for three reasons:
1. It is out of scope
2. I found it relatively quickly, therefore it is most likely a duplicate
3. The impact is not worth me investing time into it

Not much happened today, it was boring mapping the target, it is really large, and it gets repetitive, but that’s the behind-the-scenes of vulnerabilities, it takes work and due to that fact, I’m happy with today’s work.

Happy Hacking. See you tomorrow. ❤

--

--

Wallotry
Wallotry

Written by Wallotry

I'm just addicted to hacking.

No responses yet