Hello people, I am back with a new hacking story! Yesterday I was hunting on one of the VDP programs; let's call it xyz.com. So let's hack it!
Let’s hack
When I went to my target, https://xyz.com, I started with recon. First I found the subdomains of my target using subfinder and saved them to a file:
subfinder -d xyz.com -o xyz_sub.txt
Then I ran some tools to find bugs, but I didn't find anything.
Then I pulled the Wayback URLs of my target:
cat xyz_sub.txt | waybackurls | tee -a xyz_url.txt
Then I found 10K+ URLs and I was like
It is very hard to check each URL, so I thought of finding some login panels to test for SQL injection…
cat xyz_url.txt | grep "login" | httpx -mc 200
cat: opens the URL file
grep: extracts the URLs that contain the string login
httpx -mc 200: keeps only the URLs that are alive and respond with status code 200
Then I found some URLs and tried SQL injection on them, but it didn't work. Then I found two URLs that looked the same:
https//subdomain/:fileter/status%5D=either&filters%5Buser_login%5D=name
https//subdomain/:fileter/status%5D=either&filters%5Buser_login%5D=name2
Then I opened the URL. At first view I didn't understand what this was…
Then I opened it again…
After some time I found that these were the accounts of employees who translate the company's documents. In this account I was able to access every detail about the translations, and I was also able to see the employees' details: who they are, their names, and when they joined the company. Then I thought, let's try to edit these translations, and I found a link saying you have to log in to edit this translation. I clicked on the link and found a WordPress login panel.
Then I went to the login panel, which asks for a username and password.
I had a username, but I was not sure it would work. Then I entered the username (the name I found in the URL). Boom! It gave me the error that the password is incorrect for this username. That means the user is present in the database and I can perform a brute-force attack to get access! Then I reported it.
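A check a site owner can run on their own login form's failure responses to see whether they give away what the error above gave away. This is an added example, not part of the original write-up; the sample response bodies are constructed and the function names are assumptions.

```python
import html
import re

# Constructed sample bodies, modelled on the error described in the post.
# They are not captured from any real site.
LEAKY_UNKNOWN = ('<div id="login_error"><strong>Error:</strong> The username '
                 '<strong>nosuchuser</strong> is not registered on this site.</div>')
LEAKY_KNOWN = ('<div id="login_error"><strong>Error:</strong> The password you '
               'entered for the username <strong>name</strong> is incorrect.</div>')
GENERIC_UNKNOWN = '<div id="login_error">Invalid username or password.</div>'
GENERIC_KNOWN = '<div id="login_error">  Invalid username or password. </div>'


def normalise(body: str, username: str) -> str:
    """Reduce a failed-login response to its message, minus the echoed username."""
    text = html.unescape(re.sub(r"<[^>]+>", " ", body))  # drop markup
    # Replace only whole-word occurrences, so submitting "name" does not
    # rewrite the word "username" inside a generic message.
    echoed = r"(?<!\w)" + re.escape(username) + r"(?!\w)"
    text = re.sub(echoed, "<USER>", text, flags=re.IGNORECASE)
    return re.sub(r"\s+", " ", text).strip().lower()


def leaks_username_validity(unknown, known) -> bool:
    """Each argument is (status_code, body, submitted_username).

    `unknown` is the failure for a username that cannot exist, `known` the
    failure for a real account with a wrong password. Returns True when the
    two can be told apart, i.e. the form reveals whether the account exists.
    """
    (status_u, body_u, user_u), (status_k, body_k, user_k) = unknown, known
    if status_u != status_k:
        return True
    return normalise(body_u, user_u) != normalise(body_k, user_k)


if __name__ == "__main__":
    print("leaky form:  ", leaks_username_validity(
        (200, LEAKY_UNKNOWN, "nosuchuser"), (200, LEAKY_KNOWN, "name")))
    print("generic form:", leaks_username_validity(
        (200, GENERIC_UNKNOWN, "nosuchuser"), (200, GENERIC_KNOWN, "name")))
```

A form that passes this check still needs rate limiting or lockout on failed logins, since the usernames in this story were already exposed in the URLs.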
THANKS …
INSTAGRAM :-
https://www.instagram.com/m_i_lan___jain/