MY SAD BUG HUNTING JOURNEY ON ADAFRUIT

Hi, listener
I’m aniket and I’m a security researcher recently I start finding a bug on adafruit but I fail on this mission now I’m discussing that how I’m starting to find a bug in adafruit website. basically, we all know finding a bug and earn a bounty is called bug hunting so I’m told you about my experience on adafruit let’s get started.

The first step is to find a target for testing so I select adafruit and the Second step is to get some information about the target then I start searching for his Sub-domain’s I use aquatone, sub-finder,asset-finder, and my own script to find subdomain then I got subdomain file then I check which one is working or not so I use meg and also EyeWitness his work to take a screenshot of domains list finally I got well- behaved list of domains then I use crawling on subdomains to get hidden link’s with the help of waybackurls. Now I’m telling you about manual testing, not automation because we all know about automation we use some vulnerability scanner’s like owasp zap proxy, burp suite scanner, Nikto, uniscan, vega scan, nuclei, and so on

First, I target the authentication page’s mean login form that there is some vulnerability like rate limiting, user enumeration, 2fa bypass, Account Takeover like IdoR to account takeover, token leakage through reset password, etc. but In adafruit, there is no vulnerability on login page then I go for XSS, SQL, RCE with manually testing or Automation but adafruit use Cloudflare protection so when I enter XSS, SQL, RCE payload then I’m blocked then I will try to bypass it but I can't so I start finding on API but there is also a restriction on user mean when I go for the sensitive file they give me forbidden 403 this time I also think to bypass it but nothing was found on it. I use curl commands, Apply all header’s as possible I do, So there is also no file upload option, and not big attack surface only one main domain was there to Test it.

so I decide to find responsible disclosure I use dirsearch,ffuf, and also a brute force for some sensitive file but there is also 403 forbidden page again I try to bypass but I can't now I decide to give up but I See recently in a blog page that there is comment form and However, I’m not try on it then I will go for it then apply some payload of XSS first-of-all I tell about how many columns in there first names second is Gmail and comment so when I add simple payload on the name then I get the error that “name is invalid” so I add some encoded payload then it’s bypass when I see this I’m happy that wow I got it but when I click on my comment the alert was not generated then I will add some other encoded payload But my luck is not my hand so there is nothing vulnerable point behave of me. so I decide that This is not for me and i give up and start finding a new target.

So it’s my sad journey on adafruit
I hope when you read this u started crying

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

Please help our environment with the 5F Eco foundation of India

@5FECOFOUNDATIONOFINDIA

We can sit back, do nothing and watch our planet be destroyed. Or we can take action, become advocates, and start making lifestyle choices that are kinder to people and the planet

If Someone is interested to help our environment with the 5f eco foundation then Contact him

Linkedin:

https://www.linkedin.com/in/5f-eco-foundation-of-india-766674214/?originalSubdomain=in

Facebook:

https://m.facebook.com/5fecofoundationofindia/

Instagram:

https://www.instagram.com/5fecofoundationofindia/

Twitter:

https://twitter.com/5fecofoundation

Website:

http://5fecofoundation.org/

— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —

And,

For contacting me please follow me on Linkedin:

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store