Overview:
On a bug bounty program, I was able to access the internal dashboard of an e-commerce website, see what users had ordered along with their addresses, and also manipulate order status.
The dashboard was running on a custom port.
(2/n)
Approach:
1. The scope of the program was *.target.com.
2. Collected many subdomains using different tools, then checked for alive subdomains using httpx.
3. Visited all collected subdomains manually; none of them seemed interesting, so I moved forward with testing.
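As an added example (not the thread author's code), a small attack-surface inventory check for the exposure described above: it parses httpx JSON-lines output, keeps only hosts inside the *.target.com scope, and flags any that answer on a non-standard port, so a security team can spot an internal dashboard exposed on a custom port before anyone else does. The sample lines are constructed, and the httpx field names host/port/status_code/title are assumed from its JSON output.

```python
import json
from urllib.parse import urlsplit

# Constructed sample of httpx -json output (one JSON object per line);
# hostnames, ports and titles are made up for this example.
SAMPLE_HTTPX_JSONL = """\
{"url":"https://www.target.com","host":"www.target.com","port":"443","status_code":200,"title":"Shop"}
{"url":"http://admin.target.com:8080","host":"admin.target.com","port":"8080","status_code":200,"title":"Orders Dashboard"}
{"url":"https://api.target.com","host":"api.target.com","port":"443","status_code":401,"title":""}
{"url":"http://dev.target.com:3000","host":"dev.target.com","port":"3000","status_code":200,"title":"Grafana"}
{"url":"https://cdn.otherhost.net","host":"cdn.otherhost.net","port":"443","status_code":200,"title":"CDN"}
"""
STANDARD_PORTS = {80, 443}

def in_scope(host, scope_suffix):
    """True if host is the apex or any subdomain of scope_suffix (e.g. *.target.com)."""
    host = host.lower().rstrip(".")
    return host == scope_suffix or host.endswith("." + scope_suffix)

def parse_httpx_jsonl(text):
    """Parse httpx JSON-lines output into dicts; blank or malformed lines are skipped."""
    results = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue
        # Fall back to the URL when the host/port fields are missing (assumed field names)
        parts = urlsplit(rec.get("url", ""))
        host = rec.get("host") or parts.hostname or ""
        port = int(rec.get("port") or parts.port or (443 if parts.scheme == "https" else 80))
        results.append({"url": rec.get("url", ""), "host": host, "port": port,
                        "status": rec.get("status_code"), "title": rec.get("title", "")})
    return results

def flag_custom_port_services(text, scope_suffix):
    """Return in-scope live hosts listening on non-standard ports, sorted by host then port."""
    flagged = []
    for r in parse_httpx_jsonl(text):
        if not in_scope(r["host"], scope_suffix) or r["port"] in STANDARD_PORTS:
            continue
        flagged.append(r)
    return sorted(flagged, key=lambda r: (r["host"], r["port"]))

if __name__ == "__main__":
    for r in flag_custom_port_services(SAMPLE_HTTPX_JSONL, "target.com"):
        print(f"{r['host']}:{r['port']} status={r['status']} title={r['title']!r}")
```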