How Burp Suite Pro helped me get a 5-digit bounty!

Hello people, this is Aravind here with another awesome write-up. I'm going to tell the story of how Burp Suite Pro helped me get a 5-digit bounty, which, surprisingly, is my highest bounty ever. OK, now let's get into the little story…

The target was an eCommerce site selling men's fashion products, and guess what? I went to that site just to browse for some products. After roaming around the site, I found that it had various interesting functionalities and thought of testing it at least once. So I started to inject some basic scripts to get a feel for the security of the website and found it properly secured. I have a habit that while testing any target site manually, I also run automated scans with some vulnerability scanners, and Burp Suite's Audit scanner is one of them. If you don't know about this feature of the Burp Suite Pro version, check it out here. It is available only in the Pro version, and I hope you know how to get it for free 😅.

When you use this scanner, there is a chance of getting false results, so you need to verify and test all the findings manually again. The software itself categorizes the findings according to their severity. I got a High-severity result that, according to the scanner, was a certain (confirmed) bug. I quickly reviewed the result and DAMN, there was a SQL injection into the web server.

The bug was a time-based SQLi, which allowed me to delay the response of the website using the payload '+(select*from(select(sleep(20)))a)+'. When this payload was injected into a parameter, the response was delayed by 20171 seconds, which verifies the bug.

Normal response — before injecting the payload
Vulnerable response — after injecting the payload
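As an added illustration (not code from the original post or the target site), the Python below shows the query shape a time-based payload like the one above abuses, the parameterized form that neutralises it, and a simple check over constructed request-log lines that flags the two traces such a probe leaves: a delay function in a parameter and an outsized response time. The product table, the log format and all function names are assumptions.

```python
import re
import sqlite3
from urllib.parse import unquote_plus

# The exact payload from the write-up, as it would arrive in a query parameter
PAYLOAD = "'+(select*from(select(sleep(20)))a)+'"

# Constructed request-log lines in the shape "status response_ms uri"
SAMPLE_LOG = [
    "200 120 /product?id=SKU-1",
    "200 20171 /product?id=" + PAYLOAD,
    "200 95 /search?q=sleeping+bag",
]

def vulnerable_sql(sku: str) -> str:
    """The pattern the scanner flagged: input concatenated into SQL text.
    Returned as a string so the embedded sleep() call is visible."""
    return "SELECT name, price FROM products WHERE sku = '" + sku + "'"

def make_demo_db() -> sqlite3.Connection:
    """In-memory table standing in for the shop's product catalogue (assumed)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (sku TEXT, name TEXT, price REAL)")
    conn.execute("INSERT INTO products VALUES ('SKU-1', 'Linen shirt', 25.0)")
    return conn

def safe_lookup(conn: sqlite3.Connection, sku: str) -> list:
    """Parameterized form: the payload is bound as data and matches no row."""
    cur = conn.execute("SELECT name, price FROM products WHERE sku = ?", (sku,))
    return cur.fetchall()

# Delay primitives of common engines; the '\(' keeps "sleeping bag" from matching
TIME_FUNCS = re.compile(
    r"\b(sleep|benchmark|pg_sleep|dbms_lock\.sleep)\s*\(|waitfor\s+delay", re.I)

def flag_slow_requests(log_lines, threshold_ms: int = 5000) -> list:
    """Return (uri, reason) for requests carrying a delay primitive or whose
    response time exceeds threshold_ms."""
    hits = []
    for line in log_lines:
        _status, ms, uri = line.split(" ", 2)
        reasons = []
        if TIME_FUNCS.search(unquote_plus(uri)):  # decode %xx and '+' first
            reasons.append("delay function in parameter")
        if int(ms) > threshold_ms:
            reasons.append(f"response {ms} ms")
        if reasons:
            hits.append((uri, "; ".join(reasons)))
    return hits
```

Compare vulnerable_sql(PAYLOAD), where sleep(20) becomes part of the statement, with safe_lookup(make_demo_db(), PAYLOAD), which simply returns no rows.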

Reference 1. https://owasp.org/www-community/attacks/SQL_Injection

Reference 2. https://hackerone.com/reports/1042746

Thanks for reading this, guys; I hope you enjoyed it and learned something here. That's the end of this write-up. If you want me to take any bug bounty or ethical hacking classes at your events, reach out to me (Mail: gnanaaravind07@gmail.com) for free sessions. I love sharing my knowledge. I mean, if you conduct any events, I can be a speaker there.

I also run a student community where we conduct a lot of technical events for the enrichment of young people. Connect with us if you want to explore the world and boost your career. Join us @cyberonics_official.

See you in yet another write-up, guys; visit my profile and follow for more such write-ups…

Gnana Aravind K

Teen • Cyber Security Enthusiast • Arduino & IoT Developer • Web Developer • Web app Pentester • Forensics Analyst