One thing i have learnt with the hacking community is sharing is caring. If you have some nice findings you should definitely share it, so here i am with a blog after a very long time. This vulnerability was one of my interesting finding.I usually keep by burp open all the time. Meanwhile i was trading on a cryptocurrency trading platform. Going forward we will use “abc.com” for the trading platform.
I saw a deal where the ripple (a cryptocurrency) was trading at very low rate. But unfortunately i was not having money in my wallet. So i added money in my wallet. Meanwhile after adding the money i looked at the burp logs, which looks as the normal request.
But out of curiosity I thought of playing with the request. Immediately i turn on burp intercept. Repeated the same process of adding money but this time i deliberately failed the process instead of adding money, so when the command was going from the payment gateway back to “abc.com”, i changed the response with the earlier successful response with a change in timestamp and transaction id.
To my surprise i got a notification stating money was added successfully to my wallet. I immediately went to transaction history and i was surprised to see money was added successfully.
I quickly followed up with the team, they was fast enough to fix.
And this is how I was able to add money in my wallet without paying for it.
14-April-2020 — Bug reported to the concerned company.
15-April-2020 — Bug was marked fixed.
15-April-2020 — Re-tested and confirmed the fix.
02-May-2020 — Rewarded.
Thanks for reading!