In a Responsible Disclosure Program.
Like every noob , I am also stuck in between where to start in bug bounty and how to select a target ? , even though I am doing pen testing for months !
Finally, after roaming weeks by weeks I catch up something and started to hunt . Then I realized that I am wasting time , because I opted the bad approach . Every-time when someone posts their bug bounties $$ my inner-self was hurting . But I didn’t give up , I started learning again by reading blogs , write-ups , watching POC and all .
This time I choose less traveled road ! Nothing but the google dorks .
One after one I checked the sites and their In-scope and Out of scope stuffs. Later ,I choose one target called redact.com and stick to it . Yaaaaeeeaay !!
Focus on the journey, not the destination. Joy is found not in finishing an activity but in doing it.-Greg Anderson
Started to Recon and enumerated subdomains . Then got an interesting subdomain called dashboard.redact.com . Opened the subdomain in browser and checked its content . Its redirected to a login page !
I tried to login with default credentials , but F.A.I.L.E.D miserably. Then did the brute-forcing , nothing happened . Now I change my mind and go for the directory brute-forcing . . . . . . . . . . T A — D A ! got something . . . . . . . . . . . .
I got an interesting endpoint called /metrices . Once hit the enter , it exposes the dashboard metrices to the instance. I got some information exposed including OS Information , Response time , Admin and Users counts etc . . .
Feeling Happy finally , didn’t waste a time and started to make the report and send send them on the same day . After couple of weeks, got a response from the security team stating that they acknowledged the issue and it is valid .
Thank you for Passing by 🙏
NB : This is my very first write-up in this platform . Kindly pardon me for the typos,grammar and made u sleep for reading this ! .