#Bug_Bounty_Tips_28
🛡BugBounty_Tips
🌀Price manipulation methods
Method #1:
If the product price parameter cannot be changed, change the quantity of products:
Method #2:
Add 2 products to the basket – let’s consider a single product is $40
If the request is processed in this way:
Select any item to purchase
Select PayPal as a payment method, intercept all the requests
Until you got a parameter called ‘amount’ from PayPal
Manipulate with the price and change it to 0.01$
Pay, and wait for the confirmation
☣️@InfoSecTube
🛡BugBounty_Tips
🌀Price manipulation methods
Method #1:
If the product price parameter cannot be changed, change the quantity of products:
items[1][quantity]= 1 –> 234 EURCongratulations, you bought the order for 10% of the price!
items[1][quantity]= 0.1 –> 23.4 EUR
Method #2:
Add 2 products to the basket – let’s consider a single product is $40
If the request is processed in this way:
{“items”:{“laptop”:1,”mobile”:1}}
Change the JSON body to:{“items”:{“laptop”:4,”mobile”:-2}}
The cost will become $20 for 2 items:4 * $40 – 2 * $70 = $160 – $140 = $20Method #3:
Select any item to purchase
Select PayPal as a payment method, intercept all the requests
Until you got a parameter called ‘amount’ from PayPal
Manipulate with the price and change it to 0.01$
Pay, and wait for the confirmation
☣️@InfoSecTube
#Bug_Bounty_Tips_29
🛡BugBounty_Tips
🌀Find javascript files using gau and httpx
Here’s a recon tip to find javascript files hosted on our target using gau and httpx utilities:
In order for this combo to work, we have to install the following tools:
httpx
gau
☣️@InfoSecTube
🛡BugBounty_Tips
🌀Find javascript files using gau and httpx
Here’s a recon tip to find javascript files hosted on our target using gau and httpx utilities:
echo target.com | gau | grep '\.js$' | httpx -status-code -mc 200 -content-type | grep 'application/javascript'What this combo will do is that it will collect all known URLs for our target from the AlienVault’s Open Threat Exchange (OTX), the Wayback Machine and Common Crawl, fetch them using httpx and then display only javascript files.
In order for this combo to work, we have to install the following tools:
httpx
gau
☣️@InfoSecTube
Forwarded from InfoSecTube
🔺A curated list of Android Security materials and resources For Pentesters and Bug Hunters(Will be updated)
💎link
☢️@infosectube
💎link
☢️@infosectube
GitHub
GitHub - saeidshirazi/awesome-android-security: A curated list of Android Security materials and resources For Pentesters and Bug…
A curated list of Android Security materials and resources For Pentesters and Bug Hunters - saeidshirazi/awesome-android-security
#Bug_Bounty_Tips_30
🛡BugBounty_Tips
🌀Extract API endpoints from javascript files
Here’s a quick one-liner for extracting API endpoints from javascript files:
☣️@InfoSecTube
🛡BugBounty_Tips
🌀Extract API endpoints from javascript files
Here’s a quick one-liner for extracting API endpoints from javascript files:
cat file.js | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9_?&=\/\-\#\.]*(?=(\"|\'|\`))" | sort -u
☣️@InfoSecTube