#BugBounty — Adding Money Using Response Modification

Hello Everyone,

One thing i have learnt with the hacking community is sharing is caring. If you have some nice findings you should definitely share it, so here i am with a blog after a very long time. This vulnerability was one of my interesting finding.I usually keep by burp open all the time. Meanwhile i was trading on a cryptocurrency trading platform. Going forward we will use “abc.com” for the trading platform.

I saw a deal where the ripple (a cryptocurrency) was trading at very low rate. But unfortunately i was not having money in my wallet. So i added money in my wallet. Meanwhile after adding the money i looked at the burp logs, which looks as the normal request.

But out of curiosity I thought of playing with the request. Immediately i turn on burp intercept. Repeated the same process of adding money but this time i deliberately failed the process instead of adding money, so when the command was going from the payment gateway back to “abc.com”, i changed the response with the earlier successful response with a change in timestamp and transaction id.

A failed transaction going from payment gateway to host.
A failed transaction replaced with a successful request.

To my surprise i got a notification stating money was added successfully to my wallet. I immediately went to transaction history and i was surprised to see money was added successfully.

I quickly followed up with the team, they was fast enough to fix.

And this is how I was able to add money in my wallet without paying for it.

Report details-

14-April-2020 — Bug reported to the concerned company.

15-April-2020 — Bug was marked fixed.

15-April-2020 — Re-tested and confirmed the fix.

02-May-2020 — Rewarded.

Thanks for reading!

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store