How i was able to get Appreciation from the organization of a website just by changing a sign..!!!

Hi there, This write-up is for the beginners who are into the bug-bounties, and are searching for new-way of finding vulnerabilities. This was my approach, so let’s start.

The vulnerable website was, as an example : https://example.com/index.html/

This was normal to use index.html page. So i took the website, intercepted in Burpsuite and used the function of “Spidering” in Burpsuite.

I saw that there was a webpage loading as : https://example.com/hello.txt~/ (This letter/symbol is known as delimiter)

This was quite suspicious. Then, a sense came within me, of “Replacing extensions with symbol”. So, i replaced “hello.txt~” with “hello~.txt”

Nothing happened…!!!!!!

Now, went to change “hello.txt” to “hello~”

Nothing happened…!!!!!!

Thought that there is no vulnerability and it is quite decent now to “Not Report any vulnerability”

Then before closing the website, i went through technologies used in the website using “Wappalyzer” :- https://www.wappalyzer.com/

While going through, i saw that “https://example.com/index.html” loads as “https://example.com/index.html~/” in Page Source Code.Source Code Disclosure.

I took the website page code seriously, and removed index.html, with just “index~” and I hit enter key.

And there i was able to get source code disclosure of the website and get to know about SQL queries working at the back…which was a complete “Sensitive Information Disclosure”.

It fetched me Appreciation for finding a new type of vulnerability at the platform.

Tips : Use the special symbols (~, !, @, #, $, % etc) only when there is acceptance of it in the source code of the page, else it will be a time waste.

— — — ======— H@ppY_H@ck1nG —======== — — —

ASE | CEH | Pen-tester | Coder