
Bigbasket Bug Bounty Writeup

This is a writeup of an Open Redirect filter bypass I found on Bigbasket.

I tested the Bigbasket portal for security loopholes and picked the main domain as the target.

I fuzzed the domain with tools like wfuzz, ffuf and dirb, and with Burp’s Content Discovery.

While the fuzzing was in progress, I noticed a next= parameter containing a URL, which meant I could try for Open Redirect / XSS / SSRF issues on this parameter.

I tried an open redirect by replacing the URL with my own domain.
</gml_replace>
<gr_replace lines="15-15" cat="clarify" orig="I got Access">
I got an Access Denied error, which means there is validation of the domain in the next= parameter.

I got Access Denied error which means there is a validation for the domain in the next= parameter.

So as the next step I encoded my domain using an online HTML encoder.

I URL encoded my domain using this online tool.

Screenshots: the domain before URL encoding, and after URL encoding.

I then inserted the URL-encoded payload into the next= parameter.

After I entered my credentials and clicked Login, it redirected to my domain, confirming a successful Open Redirect vulnerability 🎉

Below is the POC video.

💰 I’ve been rewarded by their security team and acknowledged in their Hall of Fame.

Here’s the Hall of Fame:

Bigbasket Hall of Fame: https://tech.bigbasket.com/security-at-bigbasket/

That’s it for this writeup.

Thank you!
