InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties…


How Fuzzing Helped Me Get My First Bounty


Hello Everyone,

I’m Praveen Mali (PMMALI). This is my first writeup, and in it I will tell you how fuzzing led me to my first bounty.

I was testing a target, let's say target.com, and lots of domains and subdomains were in scope. On one of the subdomains I saw a default SMS Service page that they were using.

Then suddenly my mind triggered me to fuzz for the endpoints.
I fuzzed the subdomain with FFuF.
The command was: ffuf -w fuzz-Bo0oM.txt -u https://sms-express.target.com/FUZZ -mc 200 -ac -recursion

One of the endpoints returned status code 200, and that endpoint was .gitignore.

I opened the URL https://sms-express.target.com/.gitignore in the browser and one file was downloaded.
It listed lots of paths to more sensitive directories.

I immediately reported the bug and got a $100 bounty (my first bounty).
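For the server owner's side of this finding, here is an added example (not part of the original writeup) that scans web access logs for hidden files such as .gitignore served with status 200, and for clients producing bursts of 404s. The log format, the 404 threshold and the sample lines are assumptions made for illustration.

```python
import re
from collections import Counter, defaultdict
from urllib.parse import unquote, urlsplit

# Common/combined log format: ip - - [time] "METHOD path PROTO" status size ...
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" (\d{3}) ')
FUZZ_404_THRESHOLD = 3  # assumed cut-off; tune to your own traffic
ALLOWED = {".", "..", ".well-known"}  # .well-known is meant to be public (RFC 8615)

def normalize(target):
    """Drop the query string and decode %-escapes so /%2egitignore is caught too."""
    return unquote(urlsplit(target).path)

def is_hidden_path(target):
    """True if any segment is a dotfile or dot-directory (.gitignore, .git, .env)."""
    return any(s.startswith(".") and s not in ALLOWED
               for s in normalize(target).split("/"))

def audit(lines):
    """Return (exposed, fuzzers) for an iterable of access-log lines."""
    exposed = defaultdict(set)  # hidden path served with 200 -> client IPs
    not_found = Counter()       # client IP -> count of 404 responses
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target, status = m.groups()
        if status == "404":
            not_found[ip] += 1
        elif status == "200" and is_hidden_path(target):
            exposed[normalize(target)].add(ip)
    fuzzers = {ip for ip, n in not_found.items() if n >= FUZZ_404_THRESHOLD}
    return dict(exposed), fuzzers

# Constructed sample lines (documentation IP ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /admin HTTP/1.1" 404 153',
    '203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /backup.zip HTTP/1.1" 404 153',
    '203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /.env HTTP/1.1" 404 153',
    '203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /.gitignore HTTP/1.1" 200 412',
    '198.51.100.4 - - [10/Jan/2024:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 2048',
    '198.51.100.4 - - [10/Jan/2024:10:05:01 +0000] "GET /.well-known/security.txt HTTP/1.1" 200 96',
]

if __name__ == "__main__":
    exposed, fuzzers = audit(SAMPLE)
    for path, ips in sorted(exposed.items()):
        print(f"served hidden file {path} to {sorted(ips)}")
    print(f"clients with >= {FUZZ_404_THRESHOLD} 404s: {sorted(fuzzers)}")
```

Any path this reports as exposed is a file the web server should refuse to serve; blocking dot-prefixed paths at the server or leaving them out of the deployed document root closes the gap.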

Thank you so much for reading 🙏

My LinkedIn ID: https://www.linkedin.com/in/praveen-mali/

My Twitter ID: https://twitter.com/pmmali_

Published in InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly.infosecwriteups.com/

Written by Praveen Mali (PMMALI)

I am a cybersecurity analyst and part-time bug bounty hunter with a passion for staying up-to-date on the latest security threats and trends.
