Hi everyone, it’s cyberbeat again! Today I’m here to tell you about a very easy bug that I found, and hopefully it will motivate you to find more bugs.
So there was a target that I was hacking on, and I was using Shodan to look for vulnerabilities. Oh, by the way, Shodan is a search engine specifically designed for internet-connected devices and systems. Unlike traditional search engines that index web content, Shodan indexes information about devices on the internet. It’s often referred to as a “search engine for hackers” because it can be used to find devices and systems that may have security vulnerabilities. I specifically use it to find vulnerabilities in the target that I’m trying to hack.
Back to the story: I found an IP that was pointing to the target. The Shodan link looked something like www.shodan.io/host/xx.xx.xx.xx. On further investigation, I ran a port scan and found that on one of the ports, 8855, there was a login panel (https://xx.xx.xx.xx:8855/site). I wanted to bypass the admin panel to gain access, so I tried SQLMap, which failed. It didn’t click in my mind at first, but then I tried admin/admin and it logged me in!!!
I was so happy about it and wanted to find other domains that could have default credential access. So I used one of the tools called dirsearch. It is a tool that does directory brute forcing, and with it I found a couple of directories in that domain.
Some targets where I was able to find default logins were:
I submitted the report and got $300 for the bounty!
I hope this helped motivate you towards bug bounty. It is hard at first, but if you remain persistent, you will definitely succeed at it. See you next time with some other good reports!