Hi there,
Renganathan here. I'm an ethical hacker and a security researcher.
I've been acknowledged by LinkedIn, the United Nations, BYJU's, Nike, Lenovo and Upstox for reporting security vulnerabilities in their web applications.
So I came back to bug bounties after almost 2 months. I had exams after the IRCTC bug.
Let's call it target.com. They offer a Hall of Fame based on criticality.
I started with a Shodan dork. I have a premium account on shodan.io that they gave free to their users for one day last year :P
ssl:target “200 ok”
I found some FortiClient VPN login pages.
So, without wasting any time, I went to GitHub and used the dork below:
“target” “username” “password”
Soon, at the top of the results, I found a repo containing the data below ^_^
---------------------------------------------------
git token: xxxxxxxxxxxxxxxxxxxxxx
git username: xxxxxxxxxx
git email: [email protected]
---------------------------------------------------
jenkins user: xxxxxxxxxx
jenkins pass: xxxxxxxxxx
-----------------------------
forticlient:
login id is - xxxxxxxxxx
password - xxxxxxxx
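As an added example (not part of the original write-up), here is a small Python scanner that flags credential-like lines in the format of the file leaked above, the kind of check a pre-commit hook or CI job can run so such a file never reaches a public repo. The sample text and every value in it are constructed placeholders.

```python
import re

# Constructed sample mirroring the layout of the leaked file in the write-up
# (every value is a placeholder, not a real credential).
SAMPLE = """---------------------------------------------------
git token: ghp_EXAMPLETOKEN
git username: devuser
git email: dev@example.com
---------------------------------------------------
jenkins user: ci-bot
jenkins pass: Sup3rS3cret!
-----------------------------
forticlient:
login id is - vpnuser01
password - Hunter2hunter2
Just a comment line with no secrets in it
"""

# A line is credential-like when a key ending in one of these words is followed
# by a value, in any of the "key: value", "key - value" or "key is - value"
# forms seen in the leaked file.
CRED_KEY = re.compile(
    r"^\s*(?P<key>[\w ]*?(token|password|passwd|pass|secret|api[ _-]?key|login id))"
    r"\s*(is)?\s*[:\-=]\s*(?P<value>\S.*?)\s*$",
    re.IGNORECASE,
)

def redact(value):
    """Keep only the first two characters so the report never re-leaks the secret."""
    return value[:2] + "*" * max(len(value) - 2, 0)

def scan_text(text):
    """Return (line_no, key, redacted_value) for every credential-like line."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        m = CRED_KEY.match(line)
        if m:
            findings.append((line_no, m.group("key").strip().lower(), redact(m.group("value"))))
    return findings

def precommit_exit_code(text):
    """0 when the content is clean, 1 when any credential-like line is present."""
    return 1 if scan_text(text) else 0

if __name__ == "__main__":
    for line_no, key, value in scan_text(SAMPLE):
        print(f"line {line_no}: {key} = {value}")
    raise SystemExit(precommit_exit_code(SAMPLE))
```

Plain usernames and e-mail addresses are deliberately not flagged; the hook blocks the commit only when a token, password or login id is present.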
Then I googled the name of the repo owner and learned that it was a software developer working at target.com.
I logged in using those FortiClient credentials.
And yeah, the rest is history :D
I reported this to them, it was patched soon, and I got listed in their Hall of Fame.
Thanks for reading :)
Stay Safe.