My write-up about an Uber cross-site scripting (XSS) found with the help of KNOXSS
Sorry for my bad English
This is my first write-up about bug bounty,
but I will do it to support the great man @brutelogic and his great tool @knoxss_me.
It was a dream to find an XSS in Uber and be in the Uber HOF (hall of fame).
So I bought the pro version of @knoxss_me and started looking for XSS in Uber subdomains.
I used some tools to enumerate subdomains, such as Sublist3r and aquatone.
After a long time of looking I found this subdomain:
https://payment-providers.uber.com
I noticed that it did not show anything, just a white page,
so I started brute forcing to find any bugs, directory listings, valid parameters or files.
I used the dirb tool in Kali Linux to brute force valid parameters:
https://tools.kali.org/web-applications/dirb
After some time I got this endpoint:
https://payment-providers.uber.com/health/
So I fired up @knoxss_me and, with a bit of luck, I got the magic XSS box from the @knoxss_me service.
I was very happy to get it, and I tweeted about it before reporting it.
But my signal on HackerOne was too low, so I sent an email to the Uber support address, and Rob Fletcher from the Uber support team whitelisted my account so I could report it on HackerOne.
Final report to Uber
After that I reported it; they triaged it and I got $500.
Thanks to @brutelogic and @knoxss_me, and special thanks to @knowledge_2014 for supporting me.
Timeline:
07/08/2017 Email sent to security-abuse@uber.com
07/08/2017 Got a reply from Rob Fletcher saying "Ok, cool, your account should be whitelisted"
07/08/2017 Reported on the Uber HackerOne page
08/08/2017 Status changed to Triaged and rewarded with a $500 bounty
23/08/2017 Report closed and status changed to Resolved
25/08/2017 Decided that this report is not eligible for a bounty because payment-providers.uber.com isn't typically used in a web browser