Many of us always try to find bugs that are common, like XSS, IDOR, CSRF, etc. I want to share something that is unique and simple.
Long Password Attack —
Application-Level Denial-of-Service (DoS) — High Impact and/or Medium Difficulty — P3 (According to Bugcrowd VRT)
Some websites allow users to set a password with no restriction on its length, so a user can set a password with an ever larger number of characters. Here the developer leaves a loophole. An attacker can exploit this loophole to take down the whole application: it becomes unresponsive or unavailable for a certain period of time.
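A server-side guard against the long-password case described above, as an added example that is not part of the original write-up: the length check runs before the password hash is computed, on both the set-password and login paths, so oversized input is rejected cheaply. The limits, the function names and the choice of PBKDF2 are assumptions made for illustration.

```python
import hashlib
import hmac
import os

# Assumed policy values for this example; the write-up gives no numbers.
MIN_LEN, MAX_LEN = 8, 128      # password length in characters
MAX_BODY_BYTES = 4096          # cap on the whole signup/login request body
ITERATIONS = 100_000           # PBKDF2 work factor


class PasswordRejected(ValueError):
    """Raised when a password fails policy before any hashing is done."""


def body_size_ok(content_length):
    """Check the declared request size before the body is read or parsed."""
    return content_length is not None and 0 <= content_length <= MAX_BODY_BYTES


def validate_password(password):
    """Return the password as bytes, or raise without touching the KDF."""
    if not isinstance(password, str):
        raise PasswordRejected("password must be a string")
    if not MIN_LEN <= len(password) <= MAX_LEN:
        raise PasswordRejected(f"length must be {MIN_LEN}-{MAX_LEN} characters")
    try:
        return password.encode("utf-8")
    except UnicodeEncodeError:
        raise PasswordRejected("password is not valid Unicode") from None


def hash_password(password):
    """Hash for storage; the length gate runs first, so oversized input never reaches PBKDF2."""
    data = validate_password(password)
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", data, salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Login path: apply the same gate, since this endpoint also hashes untrusted input."""
    try:
        data = validate_password(password)
    except PasswordRejected:
        return False
    _, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", data, bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest, bytes.fromhex(digest_hex))
```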
How was I able to find that bug?
The program didn’t have a wide scope; only 2–3 domains were allowed to be tested. More than 70 researchers had already been rewarded. The scope section of that program states as follows:
After reading this, I was like: let’s search for this type of vulnerability. Because after reading this, most of the researchers would not search for this type of bug.
While manually testing the functionality, I found that there were no restrictions on setting the password. When I exploited it, the whole application slowed down. I reported this bug. The triager responded:
I gave him the proof of concept, even though he marked my report as not applicable. I again tried to explain it to him, but there was no reply from them.
After almost 10 days, at 5.00 AM in the morning, a mail notification came stating that my report was accepted.
I did it … I did it …. I did it
First bounty stories are always special.
Thanks for reading my write-up! Throw a heart to this story if you liked it, and please share it with your hacker friends. I will be back with another write-up shortly. Until then, sayonara 🥰.