matltc | 8 days ago
example.com/clients/fullz?id=123&butDoIReallyHaveToAuth=false
Changed param key but yeah. Just that. You did need to have an authenticated session, but any valid session token would do.
They hit me with the same kind of response. I got a lawyer. Worked out in the end, but I was out three hundred bucks for the consultation.
That was the last vulnerability I will ever disclose
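The flaw described in the comment above (a valid session is required, but the requested id is never checked against that session) beside a handler that adds the check, as an added example that is not part of the thread. The session tokens, records and function names are constructed for illustration.

```python
# Added illustration; every name and value here is constructed, not from the post.
from dataclasses import dataclass

@dataclass(frozen=True)
class Session:
    user: str
    client_ids: frozenset  # client records this user is entitled to read

# Constructed sample data.
SESSIONS = {
    "tok-alice": Session("alice", frozenset({123})),
    "tok-bob": Session("bob", frozenset({456})),
}
RECORDS = {123: {"name": "Client A"}, 456: {"name": "Client B"}}

class Denied(Exception):
    """Raised when a request fails authentication or authorization."""

def authenticate(token):
    session = SESSIONS.get(token)
    if session is None:
        raise Denied("no valid session")
    return session

def get_record_authn_only(token, client_id):
    """The flaw described: any valid session may read any id."""
    authenticate(token)
    return RECORDS[client_id]

def get_record_authz(token, client_id):
    """Hardened: the session must be entitled to the requested id."""
    session = authenticate(token)
    # Same error for "not yours" and "does not exist", so ids cannot be probed.
    if client_id not in session.client_ids or client_id not in RECORDS:
        raise Denied("not found")
    return RECORDS[client_id]

def audit(handler):
    """Regression check: list (user, client_id) pairs served across owners."""
    leaks = []
    for token, session in SESSIONS.items():
        for client_id in RECORDS:
            try:
                handler(token, client_id)
            except Denied:
                continue
            if client_id not in session.client_ids:
                leaks.append((session.user, client_id))
    return sorted(leaks)
```

Running `audit` against every record-returning handler in a test suite catches this class of bug before release: it should return an empty list.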
ddtaylor | 8 days ago