My write up about UBER Cross-site scripting by help of KNOXSS

Sorry for my bad English

This is my first write up about bug bounty.

but i will do it to support the great man @brutelogic and his great tool @knoxss_me

It was a dream to find XSS in uber and be in uber HOF

So i made a purchase to @knoxss_me ( pro version) and start looking for XSS in uber sub domains

I used some tools to extract sub domains like Sublist3r and aquatone

After a long time of looking i have found this sub domain

https://payment-providers.uber.com

So i noticed that it is not show any thing just a white page

so i started brute force to get any bugs or directory listing or any valid parameters or files

I used dirb tool in kali linux to brute force valid parameters

https://tools.kali.org/web-applications/dirb

And after some time i got this end point

https://payment-providers.uber.com/health/

So i fired up the @knoxss_me and for my good luck i got the magic XSS box from @knoxss_me service

KNOXSS service

I was very happy to got it and i tweeted about it before report it

But my signal in hackerone is too low so i sent an email to uber support email and Rob Fletcher from uber support team white listed my account to report it in hackerone

Final report to uber

uber Cross site scripting

After that i reported it and they triaged it and got 500$

Thanks to @brutelogic and @knoxss_me and special thanks to @knowledge_2014 for supporting me

Time line:-
 07/08/2017 Email sent to security-abuse@uber.com

07/08/2017 Got replay from Rob Fletcher said Ok, cool, you’re account should be whitelisted

07/08/2017 Reported to uber hackerone page

08/08/2017 changed the status to Triaged and rewarded with a $500 bounty

23/08/2017 closed the report and changed the status to Resolved

25/08/2017 decided that this report is not eligible for a bounty because payment-providers.uber.com isn’t typically used in a web browser