An Effective 5 min recon leads to a Hall of Fame

Hi There,

Renganathan Here, I’m an Ethical Hacker & a Security researcher.

I’ve been acknowledged by LinkedIn, United Nations, BYJU’s, Nike, Lenovo, Upstox for reporting security vulnerabilities in their web applications.

So I came back to bug bounties after almost 2 months. I had exams after the IRCTC bug.

Let’s call it as target.com,They offer a Hall of fame based on the criticality.

I started with a shodan dork. I have a premium account of shodan.io that they gave free to their users for one day last year :P

ssl:target “200 ok”

I found some FortiClient VPN login pages

So without wasting any time I went to GitHub and used the below dork

“target” “username” “password”

Soon on top of the result I found a repo containing below data ^_^

---------------------------------------------------git token: xxxxxxxxxxxxxxxxxxxxxxgit username: xxxxxxxxxxgit email: xxxxxx@redacted.com
--------------------------------------------------
jenkins user: xxxxxxxxxxjenkins pass: xxxxxxxxxx
-----------------------------
forticlient:
login id is - xxxxxxxxxx
password - xxxxxxxx

Then I googled the name of the repo owner and came to know that it was a Software developer working in Target.com

I logged in using those FortiClient Credentials

And yeah, rest is history :D

I reported this to them and It was patched soon and got listed in thier hall of fame.

Thanks for reading :)
Stay Safe.

https://www.instagram.com/renganathanofficial

https://twitter.com/IamRenganathan

17 | Building R Protocols | Security Researcher | LinkedIn, Canva, United Nations, Medium, BYJU’s & 20+ companies. https://expy.bio/renganathan