BLIND SSRF in *.stripe.com due to Sentry Misconfiguration
Here is the story , before we doing pentesting we should know our target using any third party service. i dont know about Sentry or what it is, so i dont give a damn about it. iam just using my social media account to get update on what happen in Information Security as example in my twitter , i follow some good information about HackerOne Community to still update my information about what service/application which vulnerable to some CVE :
The latest Tweets from publiclyDisclosed (@disclosedh1). This is an unofficial HackerOne public disclosure watcher who…mobile.twitter.com
And at one time HackerOne disclosed bug about their Sentry Misconfiguration , here is the report
If u ask me what happen in that report submitted by Ruvlol , i dont know what impact if we further research about that issue, because i just reproduce that issue in another company like STRIPE Inc. Because i know Stripe using Sentry to handling error HTTP response, and they run a BugBounty Program , i reproduce this issue and here is what happen
After that i reported this issue to their security team
Here is ..
04–08–18 Bug Reported
14–09–18 Awarded by Stripe
READ THE FUCKING MANUAL KIDZ !