How I earned +240$ from a Zero Interface✌
bonjour Hackers, I’m Saransh Saraf AKA MR23R0.
Let’s Talk About how I earned 240$ from a website who doesn’t even have any features or interface.
So lets start from the Start 🥱, I mean starting of my bug bounty career.
So as everyone I started to look for Hall of fame programs, using random dorks, Github lists and etc.
By doing that I accidentally found the target.com program.
In it’s home page there was only one thing the logo that's it.
But I managed to get Hall of fame :)
After three months while I was reading my old reports I found that report and I decided to hunt more.
Then I submitted the SSH user Enum issues and Some Dos issues, and when the response came I was shocked he was giving me 50$ for each because I was already in his hall of fame page.
after hunting on his entire site and subdomains (Only posts and blank page Clickjacking) I noticed that he is giving bounties on only valid reports there wasn’t any low-medium-high chart to decide which issue will be accepted so,
I Reported missing headers also and got 30$ bounty for each 😂
I even reported the out dated servers and got 20$ for it.
Total bounty received : 240$
pending reports : 7 (All valid 😉)
Quick Update, Total bounty from that program is 410$ Now 😌
This article was all about understanding the mindset of the team and the program owner, to make more bounties :)
I hope you enjoyed and learnt something from it.
if yes please give a clap and follow on Instagram for day to day hunting experiences.
Saransh Saraf 🤣
Instagram : https://www.instagram.com/sarans0x00h/