How i was able to get Appreciation from the organization of a website just by changing a sign..!!!
Hi there, This write-up is for the beginners who are into the bug-bounties, and are searching for new-way of finding vulnerabilities. This was my approach, so let’s start.
The vulnerable website was, as an example : https://example.com/index.html/
This was normal to use index.html page. So i took the website, intercepted in Burpsuite and used the function of “Spidering” in Burpsuite.
I saw that there was a webpage loading as : https://example.com/hello.txt~/ (This letter/symbol is known as delimiter)
This was quite suspicious. Then, a sense came within me, of “Replacing extensions with symbol”. So, i replaced “hello.txt~” with “hello~.txt”
Now, went to change “hello.txt” to “hello~”
Thought that there is no vulnerability and it is quite decent now to “Not Report any vulnerability”
Then before closing the website, i went through technologies used in the website using “Wappalyzer” :- https://www.wappalyzer.com/
While going through, i saw that “https://example.com/index.html” loads as “https://example.com/index.html~/” in Page Source Code.Source Code Disclosure.
I took the website page code seriously, and removed index.html, with just “index~” and I hit enter key.
And there i was able to get source code disclosure of the website and get to know about SQL queries working at the back…which was a complete “Sensitive Information Disclosure”.
It fetched me Appreciation for finding a new type of vulnerability at the platform.
Tips : Use the special symbols (~, !, @, #, $, % etc) only when there is acceptance of it in the source code of the page, else it will be a time waste.
— — — ======— H@ppY_H@ck1nG —======== — — —