Overview
Hey guys, I'm Matin. In the realm of cybersecurity, the proper handling and storage of sensitive information are paramount. Recently, I discovered a critical bug in a program on HackerOne that involves the insecure storage of sensitive data. This flaw poses a significant risk to user privacy and data integrity, making immediate attention and resolution essential.
The Discovery
During a routine security audit of this program, I identified sensitive information exposed in backend code, including a leaked server license and much more. Here is how to find it.
Steps To Reproduce:
First, we need to enumerate the target's subdomains. For example, use subfinder and httpx to gather domain information with this command:
subfinder -d example.com|httpx -td --title --status-code
After that, I found an "Administrator" page title in the terminal output, so this is a good domain for many test cases in my methodology. Now open a browser and enter the URL.
There are so many features on this domain 👾
Click Administration and download the XML file to my computer.
It contains many URLs and a jar file. I replaced this location with my own path, and after that I had the jar file, but what is it?
Now let's start using some reverse-engineering skills 😈
First step, I read the strings in the file with this command:
cat commons-logging-1.1.1.jar|strings
Now I have data, but it's not enough:
After that, I opened the jar file in jadx. Now let's see what we have:
And boom 💥 I have the default user and password, the server backend code in Java, and much more data on this program.
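Added example (my own code, not part of the original write-up): a jar is a compressed zip, which is why `strings` on the raw file gives little; this scanner unpacks each entry and flags credential-like strings, so a team can check its own build artifacts for embedded defaults before they ship. The sample jar, the secret patterns and the file names are all constructed for the demo.

```python
"""Scan a .jar (zip archive) for credential-like strings in its entries."""
import io
import re
import zipfile

# Hypothetical patterns for credential-looking key/value pairs and DB URLs.
SECRET_PATTERNS = [
    re.compile(rb"(?i)(password|passwd|pwd|secret|api[_-]?key)\s*[=:]\s*\S+"),
    re.compile(rb"(?i)jdbc:[a-z]+://\S+"),
]


def printable_strings(data: bytes, min_len: int = 6):
    """Like the `strings` tool: runs of printable ASCII of at least min_len."""
    return re.findall(rb"[\x20-\x7e]{%d,}" % min_len, data)


def scan_jar(jar_bytes: bytes):
    """Return a list of (entry_name, matched_string) for every hit.

    Each entry is decompressed first, so text inside .properties files
    and constant pools of .class files is visible to the patterns.
    """
    hits = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            content = zf.read(info.filename)
            for s in printable_strings(content):
                if any(p.search(s) for p in SECRET_PATTERNS):
                    hits.append((info.filename, s.decode("ascii")))
    return hits


def build_sample_jar() -> bytes:
    """Constructed sample jar: a properties file with a default credential
    and a class-like entry with an embedded JDBC URL (not a real class)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("config/default.properties",
                    "admin.user=admin\nadmin.password=changeme123\n")
        zf.writestr("com/example/Db.class",
                    b"\xca\xfe\xba\xbe\x00\x00\x00\x34\x00"
                    b"jdbc:mysql://db.internal:3306/app\x00\x01")
    return buf.getvalue()


if __name__ == "__main__":
    for name, s in scan_jar(build_sample_jar()):
        print(f"{name}: {s}")
```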
Happy Hunting XD