Welcome to Day 7.
Honestly, I have nothing “amazing” that happened today, apart from another out-of-scope HTML injection vulnerability which is anything but that, relatively, of course.
I spent my time doing research and reading write-ups for my methodology, time flew by quickly and with last 2 hours of work I had left, I decided to continue mapping out my target endpoint. And that’s when I came to learn that this endpoint, the reason why it has been so boring to me, it’s just constant clicking from page to page, the entire thing looks complicated, that’s the reason why there are certifications for those who can use it, the company even has its endpoint where people learn how to use their platform (yes, I’ve tried hacking this endpoint too), I’m now in this weird position where I’m debating whether I should keep mapping out this target or I’m just wasting my time and should move on. Then I remembered a quote from a write-up I read today, it was along the lines of — stick to your methodology all the time, stick to your program.
I have this irrational doubt about continuing to hack this endpoint, to put it bluntly, it’s because I haven’t found any exciting vulnerabilities, but then I remembered that it doesn’t matter because, I intend to stick to my methodology, no matter what. (even if my target is so boring and confusing)
Right now, I’m in the boring stage that’s never posted about on Twitter(a.k.a X) before they post their bounty rewards, the boring and painful stage where you have to read documentation and absorb everything about your target while believing, it’ll be worth it in the end. I’ll keep going, so should you :)
Happy Hacking. See you tomorrow. ❤
