How Recon helped me to Bypass the Admin Panel.

Hello Friends,

I hope all of you are doing well in Bug Bounty.😄
I'm happy to share with you about my recent discovery.

How I Bypassed Admin Panel using simple recon.🔥

So let's start,
Organization does't allow me to share full finding so consider organization as target.com.

I use knockpy for gathering subdomains.😉
After searching all domains, I decided to target a subdomain which was based on Apache Tomcat.
"portal.target.com"

I quickly open this domain and it redirects me to the login panel.
https://portal.target.com/example/wStartUpLogin.jsp

So first I searched for default credentials but it didn’t work.
Then i put "admin" in both field but same result.🙁
I tried all methods like SQL payload etc. But didn’t worked..🤔

I wasted 2 to 3 minutes for this process... 😌
Now It’s Recon time,
As I already mentioned in my previous article,
I use duckduckgo as my search engine.😍
I used simple dork :-
site:"portal.target.com" -www

In a few seconds I get results and some URLs.

I opened all the URLs in "New Tab" but it redirects me to login page. 🤨

One thing that I noticed here, all the URLs are authenticated so it redirects me directly to the login page.

Now there is only one way to access this url but I wasn't sure if it would work or not..

I just open "No Redirect" Add-on and enter domain name like this :-
"https://portal.target.com"

I just visited the authenticated url again and this time it does not redirect me to the login page ... it means I bypassed admin panel..

This organization was related to the university..
So i able to access all the (students/teachers) information. Like name, email, number and many more information..

And also that I was able to add myself as a student to their university. 😂

Quickly I made a video and reported it to the security team..
They fixed the issue within 10 minutes.😋

The organization doesn't actually run the bug bounty program, but surprisingly they gave me a $200 reward as a token of appreciation..🤑♥️

Never lose your hope..🙂 Make every effort to bypass the login panel..🔥

I hope you enjoyed this article and i apologize for my weak English if there is any mistakes in this post.😅
Thanks for reading my article, have a great day . 🙂

Related posts:

New people scare me. Meeting new people means making small talk, and I panic when I have to make small talk. I think small talk deserves the terrible reputation it’s gotten over the past few years…

The triad explains why “humans remain so steadfast to their beliefs, sometimes even in the face of overwhelming opposing evidence,” says New York University’s psychologist Gary Marcus. In the 1950s…

If you are someone who is currently in a situation where you feel as though others are constantly taking advantage of you, or where you feel like a doormat sometimes and find yourself always putting…