How I Found P1 bug Due to Sensitive data exposure And Earn $$$$
Hello ,Hackers I hope you all are doing great. Keep finding bugs and even if you are not finding them, keep putting efforts in it . Here we will talk about a bug which I found recently.
So recently I started a program which is program.com . A small intro about program.com , it is a bug bounty platform like bugcrowd and hackerone. So i decide to find bug in private program.
Now lets’ begin
so i started searching bugs in program like my fav ATO and xss,sqli,htmli.. etc
But it didn’t work! :(
After investing lot of time in these bugs i tried finding some juicy data . I went through my profile page and opened view source page, and started searching token or any api key but suddenly i saw that my email , user id and other sensitive data was visible on the source page. I thought because i have logged in thats why my data is available , but then i logged out of my account ( in program every users profile are publicly available in site ) and i simply searched http://program.com/bugtester , and opened my profile and went to the view page source and ,
I was shocked that i can see my whole data without any authorization , now i was thinking about how i can access other users data too , now i simply use “ wayback urls “ i get lots of username and then i opened users one by one and check page source , AND YES I can access every users data without any authorization
I immediately created poc and submitted an issue in program. After 2–3 days i received reply like this
Now bug is Fixed
Tips = Patience is a key