The easiest $2500 I got from a bug bounty program

How did I find the vulnerability?

Read more about number anonymization feature…

How to reproduce the vulnerability?

How did I report the vulnerability?

Lessons learned

  1. I had no experience in the field of information security when I found this vulnerability, but I have a curiosity that pushed me to click here and there until I found it. So use the application or website, walk through it and understand how it works, then start your hacking; that will give you good results and you will find a lot of bugs.
  2. Pay attention to logic vulnerabilities.
  3. When you suspect that you have found a vulnerability and you are not sure, consult a close friend of yours and do not lose hope.

Thanks for reading. I hope my story was useful.
