How I earned +240$ from a Zero Interface✌
Bonjour Hackers, I’m Saransh Saraf AKA MR23R0.
Let’s talk about how I earned 240$ from a website that doesn’t even have any features or interface.
So let’s start from the start 🥱, I mean the start of my bug bounty career.
So, like everyone, I started to look for Hall of Fame programs, using random dorks, GitHub lists, etc.
By doing that I accidentally found the target.com program.
On its home page there was only one thing: the logo, that's it.
But I managed to get Hall of fame :)
After three months, while I was reading my old reports, I found that report and decided to hunt more.
Then I submitted the SSH user enumeration issues and some DoS issues, and when the response came I was shocked: he was giving me 50$ for each because I was already on his Hall of Fame page.
After hunting on his entire site and subdomains (only posts and blank-page clickjacking), I noticed that he was giving bounties only on valid reports; there wasn’t any low-medium-high chart to decide which issue would be accepted, so
I reported missing headers also and got a 30$ bounty for each 😂
I even reported the outdated servers and got 20$ for it.
Total bounty received: 240$
Pending reports: 7 (all valid 😉)
Quick update: total bounty from that program is 410$ now 😌
This article was all about understanding the mindset of the team and the program owner, to make more bounties :)
I hope you enjoyed it and learnt something from it.
If yes, please give a clap and follow on Instagram for day-to-day hunting experiences.
Kind regards,
Saransh Saraf 🤣
Instagram : https://www.instagram.com/sarans0x00h/