Open Redirect In Flock | My First Swag pack

Hello everyone,

This post is about an open redirect that I found back in 2016.

So back then, in 2016, I started finding bugs in various sites,
and all I was getting was duplicate, won't fix, thanks and a few Hall of Fame :(

One day one of my friends posted about goodies that he had got from Flock.

So I started looking for bugs on it.

Got one reflected XSS that turned out to be on an out-of-scope site :3
And one open redirect that was valid :D
That got me my first swag pack :D

Wait a sec? You didn't come here to read my story :v

Technical part:

This was their login system:

1) User enters login credentials
2) It gets validated
3) They redirect to the dashboard

This is what the redirect URL looked like

So I changed the redirect_uri parameter value to and it worked ^_^
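The server-side check that closes this kind of bug, as an added example that is not part of the original post and not Flock's code: the login handler parses `redirect_uri` and only honours it when it resolves to an allowlisted HTTPS host, otherwise it falls back to the dashboard. The host names, `ALLOWED_HOSTS`, `DEFAULT_REDIRECT` and both function names are assumptions made for the example.

```javascript
// Added example (Node.js). All hosts and names below are constructed.
const ALLOWED_HOSTS = new Set(["app.example.test"]);
const DEFAULT_REDIRECT = "https://app.example.test/dashboard";

// Weak pattern: after login, redirect to whatever the parameter holds.
function unsafeRedirectTarget(redirectUri) {
  return redirectUri || DEFAULT_REDIRECT;
}

// Hardened pattern: parse first, then decide on the parsed components,
// never on substring or prefix matches against the raw string.
function safeRedirectTarget(redirectUri) {
  if (typeof redirectUri !== "string" || redirectUri === "") {
    return DEFAULT_REDIRECT;
  }
  // Control characters and backslashes are rewritten by URL parsers
  // (a backslash is treated like "/"), so reject them outright.
  if (/[\u0000-\u001f\\]/.test(redirectUri)) {
    return DEFAULT_REDIRECT;
  }
  let url;
  try {
    // Relative values such as "/inbox" resolve against our own origin.
    url = new URL(redirectUri, DEFAULT_REDIRECT);
  } catch {
    return DEFAULT_REDIRECT;
  }
  if (url.protocol !== "https:") return DEFAULT_REDIRECT;       // no http:, javascript:, data:
  if (url.username || url.password) return DEFAULT_REDIRECT;    // no user@host forms
  if (url.port !== "") return DEFAULT_REDIRECT;                 // default port only
  if (!ALLOWED_HOSTS.has(url.hostname)) return DEFAULT_REDIRECT; // exact host match
  return url.href;
}

module.exports = { unsafeRedirectTarget, safeRedirectTarget };
```
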


That's how I got my first goodie pack.


