How I found 3 open redirect bugs on a HackerOne public program
(total worth $300)
Hi everyone,
I found three open redirect vulnerabilities on a HackerOne public program (Truecaller),
but all three were duplicates. That's OK; we are hackers, and duplicates are common.
I found these three bugs just by using the GitHub open redirect payload list below:
First, I found this open redirect vulnerability on subdomains that return a “404 status code”.
Simply add //evil.com after the subdomain URL, and it redirects to
evil.com.
The three above are proof of my findings. They are duplicates, but I am happy with myself:
I am capable of finding bugs in web applications after many downs and more “not applicable” responses.
Tip: “Test domains that return a 404 status code; most hackers have not tested those domains.”
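One common cause of the //evil.com behaviour described above is a fallback or "not found" handler that copies the request path into the Location header, where a leading // is read by the browser as a protocol-relative URL. The JavaScript below is an added example, not code from the original post or from the program it mentions; it assumes that pattern, and SITE_ORIGIN, the function names and the sample paths are hypothetical.

```javascript
// Added example. SITE_ORIGIN is a constructed placeholder, not a real target.
const SITE_ORIGIN = "https://sub.example.com";

// Assumed vulnerable pattern: the handler echoes the request path into the
// Location header (here, to add a trailing slash). "//evil.com" is a
// protocol-relative URL, so the browser leaves the site.
function naiveLocation(requestPath) {
  return requestPath.endsWith("/") ? requestPath : requestPath + "/";
}

// Hardened version: always returns a same-origin path, or "/" as a fallback.
function safeLocation(requestPath) {
  // Browsers treat "\" like "/" and strip tabs/newlines while parsing URLs,
  // so reject both instead of trying to normalise them.
  if (/[\u0000-\u001f\\]/.test(requestPath)) return "/";
  // Collapse leading slashes so "//host" cannot become a network-path reference.
  const candidate = "/" + requestPath.replace(/^\/+/, "");
  let resolved;
  try {
    resolved = new URL(candidate, SITE_ORIGIN);
  } catch {
    return "/";
  }
  // Final check: the resolved URL must still point at our own origin.
  if (resolved.origin !== SITE_ORIGIN) return "/";
  return resolved.pathname + resolved.search;
}

// Origin a browser would navigate to for a given Location header value.
function browserDestination(location) {
  return new URL(location, SITE_ORIGIN).origin;
}

// Constructed sample request paths.
const samples = ["/missing-page", "//evil.com", "/\\evil.com", "/\t/evil.com"];
for (const p of samples) {
  console.log(JSON.stringify(p),
    "| naive ->", browserDestination(naiveLocation(p)),
    "| safe ->", browserDestination(safeLocation(p)));
}
```

The same check belongs on every handler that builds a redirect from request data, including the error and 404 paths of rarely used subdomains.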