Accidental Bounty😁😆

Tanay Yadav
2 min read · Jun 10, 2021
FUN!!

This is the story of my life… just kidding XD… This is the story of how I found an open redirect accidentally and got a 300 USD bounty… If it weren’t for COVID-19, I would have got some swag as well😥. Anyway, I’m happy with what I got, because I wasn’t expecting this much bounty from a mere open redirect😂. Let’s get started.

We all know how much we love testing new things, be it software, applications, websites, etc… at least I do🤷‍♂️. So, one day while using a recently installed application, it asked if I’d like to join the beta program for some new feature (can’t disclose) it would be releasing. I thought, why not, and signed up for it.

After a few days, I got a mail confirming my entry into the beta program, after which I just configured it to test later. While configuring, it asked for my email to authenticate (to check whether I was applying for the beta or signing in as a beta tester). After entering my email and clicking the sign-in link, it redirected me to the home page; the URL looked like `https://www.example.com/authenticate/?path=/` and after the redirect it was simply `https://www.example.com`. I thought I’d quickly try a basic open redirect payload before leaving. Changing the URL to `https://www.example.com/authenticate/?path=@google.com` and pressing enter…💥💥 I got redirected to Google. After that I tried some more vulnerabilities to escalate the severity, but none of them worked.
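As an added example (not code from the original post or the affected application), here is a defender's view of why a `path` parameter can behave this way and how to validate it. It assumes the back end glued the site origin onto the raw `path` value before issuing the redirect, which the post does not state, and it uses `www.example.com` as the site origin.

```python
from typing import Optional
from urllib.parse import urlsplit

# Assumed application origin (the post only shows www.example.com).
SITE_ORIGIN = "https://www.example.com"


def effective_host(url: str) -> Optional[str]:
    """Host a browser will actually contact for this URL (userinfo stripped)."""
    return urlsplit(url).hostname


def vulnerable_redirect_target(path: str) -> str:
    # Assumed weak pattern: the origin is concatenated with the raw ?path=
    # value and sent as the Location header. With path="@google.com" the
    # "www.example.com" part becomes URL userinfo and google.com is the host.
    return SITE_ORIGIN + path


def safe_redirect_target(path: str) -> str:
    # Hardened version: only a site-relative path is accepted.
    #  - must start with exactly one "/" ("//host" and "/\host" are
    #    scheme-relative for browsers and would leave the site)
    #  - must not parse as carrying a scheme or authority of its own
    #  - anything else falls back to the home page
    if not path.startswith("/") or path[1:2] in ("/", "\\"):
        return "/"
    parts = urlsplit(path)
    if parts.scheme or parts.netloc:
        return "/"
    return path


if __name__ == "__main__":
    # Constructed sample values, including the payload from the post.
    for candidate in ["/", "/account", "@google.com", "//google.com"]:
        weak = vulnerable_redirect_target(candidate)
        print(f"{candidate!r:16} weak -> {effective_host(weak)!r:18} "
              f"safe -> {safe_redirect_target(candidate)!r}")
```

The same validation applies to any "next"/"return" style parameter: resolve the value, confirm the host a browser would contact is still your own, and fall back to a fixed page otherwise.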

After pondering whether to report right away or later after testing some more, I decided to report it, and everything that followed led me to here😆😆.

Thanks for reading, see you soon again.
