How I Found a Credential Exposure Bug on BBC.
2021-09-21 13:46:48 Author: infosecwriteups.com(查看原文) 阅读量:53 收藏

Anirudh Srinivas Balaji

Hey all,

I’m a beginner in bug bounty hunting. Even though my bachelors was in electronics, I got fascinated with cyber security while reading about computer networks in my bachelors. As my interest grew, I got to know more about network security & web security by reading and practicing them. I was aware of bug bounties by reading articles related to them but at the start, I was not confident enough to find bugs if a target was given to me. I’m not attracted to the bounties which people post on social media and I always firmly believe that constant learning, perseverance and sharing whatever you’ve learnt matters in all walks of life. Imagine if google search was restricted only to the employees of google :P, we wouldn’t be here LOL.

After learning a bit, I thought to give it a try and after few attempts, I got a lot of N/As & duplicates. I was fuming to myself and I decided to enhance my skills properly and get back to it later. After some time, when I started to hunt for bugs again, I picked a site that was accepting bugs as per their responsible disclosure policy. I went ahead and started to do reconnaissance as I came across many articles stating that “reconnaissance is the first and foremost step to find bugs related to a target” and that’s why probably there’s a tool named ReconFTW :P(credits to the author of the tool). After few struggles and learnings, I was able to find low/medium severity bugs only because of proper reconnaissance(Note: Both Passive and Active reconnaissance can be carried out depending on the target scope and the technologies that have been used by the target).

One fine day, I got to know about BBC’s responsible security disclosure program via LinkedIn and Twitter. I started to google about the target and found their GitHub repository. I used GitHub dorks to check if there’s any sensitive information that’s been leaked in any of the repositories belonging to BBC and to my surprise, I found two valid sensitive credentials that were committed to their repository. I immediately went ahead and reported it (Note: Please make sure that the secrets you’ve found are valid and make a significant risk impact to an organization before reporting it).

Timeline:

15th August 2021- Found the issue and reported it to them.

18th August 2021- Issue was fixed and I was included on their HoF website.

Hall of fame on BBC for reporting a credential exposure bug

References:

githubdorks/dorks at master · shifa123/githubdorks · GitHub (Credits to shifa123)

Your Full Map To Github Recon And Leaks Exposure | by Orwa Atyat | Medium (Credits to Godfather Orwa)

Huge respect and grateful to the infosec community for helping out by sharing your experiences.


文章来源: https://infosecwriteups.com/how-i-found-a-credential-exposure-bug-on-bbc-513368c28cc8?source=rss----7b722bfd1b8d--bug_bounty
如有侵权请联系:admin#unsafe.sh