($$$) Broken Authentication and IDOR at [REDACTED]

Proof of Concept

First comes understanding the program: *.redacted.com is in scope, so we can try to find all of the subdomains of the website. We can use subdomain enumeration tools such as Sudomy, Subfinder, Sublist3r, etc.

Wordlist login
Wordlist newsroom
  • or Save and edit the source code locally
Source code
Admin panel
Javascript source code
Bounty

Timeline

  1. 1 October 2021: Initial Report
  2. 4 October 2021: Report Validate by H1 Team
  3. 11 November 2021: Bug Fixed and Resolved
  4. 7 December 2021: $$$
