This is My 1st Bounty Rewarded Story and 1st Writeup.I am still learner not a pro man and week in english so ignor mistake spelling.My internet journey begin 2015. The first hacking word I could Found on My Facebook NewsFeed. From that moment on, hacking created a curiosity. After that I got to know about white hats and black hats. Then the interest in learning how to work white hats hacker.Then i am search on Google and Youtube.I am found many many resourcse.I hope Every Body already Know Google and Youtube World Best University For Everything Learning.One Day i am reading a blog post here i found 1 line here author write a line about Bug Bounty Programme.Then my curiosity jump Low level to High Level what is Bug Bounty Programme.Then I am again search google about Bug Bounty Programme Becasue i am already gather white hat hacking knowledge.Then i am found a interesting blog about Bug Bounty Programme to earn Money.Then i am setup my maind to learn about bug hunting,Then i am again search on google found many resource and start learning bug hunting method.Then i am join facebook,twitter bug bounty hunter group.I am skip many point in my bug bounty journy because its not possible to finished write 1 post.
Lets start how i am found IDOR Vulnerability.Report status (Unresolved) so i am not mention site name.
after 1.5 year later i am login my bugcrowd account.Then i am choose a site.then i am find this sites subdomin using Sublist3r i am found many domain then i am check one bye one domain in my browser.
Then i am found a site and create a account here after i login dashboard i see here one 5 star review section.Like Below:
Then i am create 2 account and copy client id.Like Below:
user Profile (A)
firstname.lastname@example.org > client id= 5d0687ab5568c800dc14aaae
Attacker Profile (B)
email@example.com > client id= 5d068d935568c800df14aa97
Then i am capture puting review request in bup suite.Like Below:
Then i am replace user Profile (A) client id to Attacker Profile (B) client id and change 5 star to 2 star then forward request.Like Below:
Boom then i see user 5 star rating successfully change to 2 star rating.Like Below:
My Feeling Below The Giphy Because Its My 1st Bounty />
Some Resource I Share Below.This Sites Writeup and poc i am follow many times:
Thanks For Reading.Here My Facebook Profile feel free knock me any question about bug bounty.
Remember: I am not a pro man I am Still Learner In This Field.