How I got a financial advisor by simply hacking into their membership plan!

Hello Infosec geeks

As usual, after waking up and getting the natural things done 😂 I fired up my Burp Suite
and opened an old program where I had hunted a few days ago.

After wandering around for a while, I found a membership plan button on their site, from which we can hire a financial advisor.

Ohh yeah, why not test this function?

They are using the Razorpay gateway to collect payments. I clicked on the pay function, intercepted that request and changed the 39900 value to 1. Ahha, maybe they are checking some token value: I got an error.

Tried a few things for several minutes and then changed the 39900 value being passed to 1000. I was like, what 😮 the actual amount of 399 changed to 10 rupees.

After some time I got a call from my financial advisor, hahaa.
I laughed a lot 😂

Dec 11, 2021: Reported

Dec 13, 2021: Triaged

Dec 27, 2021: Bounty rewarded
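
A server-side check that closes this kind of amount tampering, as an added example that is not part of the original post or the program's code: the order is priced from the server's own table, and the plan is granted only when the gateway signature verifies and the captured amount equals that price. The plan name, ids and secret are constructed placeholders, and the signature is modelled as an HMAC-SHA256 over `order_id|payment_id`.

```python
import hashlib
import hmac

# Constructed values for the demo. 39900 paise is the price from the write-up;
# the plan name, ids and secret are hypothetical placeholders.
PLAN_PRICES_PAISE = {"advisor_membership": 39900}
KEY_SECRET = b"constructed-demo-secret"
ORDERS = {}  # order_id -> {"amount": int, "paid": bool}


def create_order(order_id, plan):
    """Price the order from the server's table, never from the request body."""
    ORDERS[order_id] = {"amount": PLAN_PRICES_PAISE[plan], "paid": False}
    return ORDERS[order_id]["amount"]


def gateway_signature(order_id, payment_id):
    """HMAC-SHA256 over 'order_id|payment_id' with the shared key secret."""
    msg = f"{order_id}|{payment_id}".encode()
    return hmac.new(KEY_SECRET, msg, hashlib.sha256).hexdigest()


def confirm_payment(order_id, payment_id, signature, captured_paise):
    """Grant the plan only if signature and captured amount both check out.

    captured_paise is assumed to be fetched server-to-server from the
    gateway, not read from anything the browser sent.
    """
    order = ORDERS.get(order_id)
    if order is None:
        return "reject: unknown order"
    if not hmac.compare_digest(gateway_signature(order_id, payment_id), signature):
        return "reject: bad signature"
    if captured_paise != order["amount"]:
        return "reject: amount mismatch"
    if order["paid"]:
        return "reject: already fulfilled"
    order["paid"] = True
    return "ok"


if __name__ == "__main__":
    create_order("order_demo1", "advisor_membership")
    sig = gateway_signature("order_demo1", "pay_demo1")
    print(confirm_payment("order_demo1", "pay_demo1", sig, 1000))   # tampered
    print(confirm_payment("order_demo1", "pay_demo1", sig, 39900))  # genuine
```

The amount comparison is the step that matters here: a signature over the order and payment ids alone says nothing about how much was actually paid.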

Thanks for reading:)
Stay safe at home

Connect with me on Twitter

Do follow Techiepedia for more interesting write-ups.





Web Pentester | Security researcher | Infosec geek
