How I earned $$$ with a simple privilege escalation

Manthan_ mahale
2 min read · Mar 29, 2023

What is privilege escalation?

Simply put, it means breaking the application's logic to gain illicit access to elevated rights or permissions beyond what a user is intended or entitled to have.

How I was able to find the privilege escalation

So let's call the target site.com. The main purpose of site.com was managing social media with team collaboration. site.com has two roles in a project: Owner and Team Member. The Owner is a super admin, while a Team Member is a regular user with limited access in the project: they can edit all files and add new users, but users with the Team Member role are not supposed to be able to demote or remove the Owner.

However, I was able to demote the Owner from a lower-privileged Team Member account, which is a privilege escalation.

Steps to replicate the issue:

1. Go to the Owner's project settings with the Team Member role.

2. Invite any user; the removal of this invited user is what we will use to delete the Owner.

3. Fire up Burp Suite > turn Intercept on > capture the request sent while removing the invited user.

The request will look like this:

[Screenshot: the captured remove-user request]

4. Simply change the user id to the Owner's user id and forward the request.

(You'll find the Owner's user id in the response of the permissions page.)

The Owner is successfully deleted from the project.

Impact:

Users with low privileges can easily remove the Owner from their own project, because the server trusts the user id supplied in the request instead of checking the roles of both the requester and the target.
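The root cause is a missing server-side authorization check on the remove-member endpoint. Below is an added example (not site.com's code) showing a handler that mirrors the bug beside a hardened one that compares the roles stored server-side; the project, user ids and role names are constructed for illustration.

```python
from dataclasses import dataclass, field
from enum import IntEnum


class Role(IntEnum):
    """Project roles from the write-up: Team Member ranks below Owner."""
    TEAM_MEMBER = 1
    OWNER = 2


@dataclass
class Project:
    members: dict = field(default_factory=dict)  # user_id -> Role (server-side state)


class Forbidden(Exception):
    pass


def remove_member_vulnerable(project, actor_id, target_id):
    """Mirrors the bug: only checks that the actor belongs to the project,
    then trusts the client-supplied target id. A Team Member can delete the Owner."""
    if actor_id not in project.members:
        raise Forbidden("not a project member")
    del project.members[target_id]
    return True


def remove_member_fixed(project, actor_id, target_id):
    """Hardened: authorize against roles stored server-side, never the request body."""
    actor_role = project.members.get(actor_id)
    target_role = project.members.get(target_id)
    if actor_role is None or target_role is None:
        raise Forbidden("actor or target is not in this project")
    # A member may only remove members at or below their own role (Owner > Team Member).
    if target_role > actor_role:
        raise Forbidden("insufficient privilege to remove this member")
    # Never leave the project without an Owner.
    if target_role == Role.OWNER and sum(r == Role.OWNER for r in project.members.values()) == 1:
        raise Forbidden("cannot remove the last owner")
    del project.members[target_id]
    return True


def demo():
    """Constructed scenario: u1 is Owner, u2 is a Team Member, u3 is the invited user."""
    p = Project({"u1": Role.OWNER, "u2": Role.TEAM_MEMBER, "u3": Role.TEAM_MEMBER})
    remove_member_vulnerable(p, actor_id="u2", target_id="u1")  # the tampered request succeeds
    results = {"vulnerable_owner_removed": "u1" not in p.members}
    p = Project({"u1": Role.OWNER, "u2": Role.TEAM_MEMBER, "u3": Role.TEAM_MEMBER})
    try:
        remove_member_fixed(p, actor_id="u2", target_id="u1")
        results["fixed_blocked"] = False
    except Forbidden:
        results["fixed_blocked"] = "u1" in p.members  # Owner is still there
    return results
```

Running `demo()` returns `{"vulnerable_owner_removed": True, "fixed_blocked": True}`; the same tampered request that removed the Owner in the first handler is rejected by the second.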

Rewarded with $250 :)

Well, if you loved this write-up, drop a clap 👏

Thanks for reading!!

Manthan_ mahale

Bug Bounty hunter | Security Researcher | Penetration tester