As a cybersecurity enthusiast and bug bounty hunter, there’s no better feeling than discovering a critical vulnerability that contributes to the security of a major organization. Recently, I uncovered a P1 security misconfiguration on the admin dashboard of Tata Motors’ website through diligent enumeration and manual testing. Here’s the detailed journey of how I found and responsibly reported this bug.
First, I started with subdomain enumeration using the tools sublist3r and subfinder. Then I filtered out the live subdomains using the httpx tool.
During manual exploration of live subdomains, I found a subdomain that led to a login page. This piqued my interest, as login functionalities often indicate a higher chance of sensitive operations.
I decided to test for default credentials, a practice that, while simple, often yields significant results. After just two attempts, I was able to log in as an admin using a common username and password combination.
- Username: admin
- Password: admin
Once logged in, I had complete access to the admin dashboard. I could add, modify and delete their customer details.
The severity of this issue lay in the fact that an unauthorized individual could easily compromise sensitive data and disrupt operations. For a company of Tata Motors’ stature, using such weak credentials on a critical asset was shocking.
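From the defender's side, the pattern described above (a well-known default account name, and a success arriving right after failed guesses from the same source) is cheap to spot in authentication logs. The following is an added example, not code from the original post or from any vendor; the log line format, the `DEFAULT_ACCOUNTS` list and the sample entries are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed (constructed) log format: "<ISO time> <src_ip> user=<name> result=<success|failure>"
LOG_RE = re.compile(r"^(\S+) (\S+) user=(\S+) result=(success|failure)$")

# Well-known default account names often shipped by admin panels (assumed list).
DEFAULT_ACCOUNTS = {"admin", "administrator", "root", "test", "guest"}

def parse_line(line):
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    ts, ip, user, result = m.groups()
    return {"ts": datetime.fromisoformat(ts), "ip": ip, "user": user, "ok": result == "success"}

def find_suspicious_logins(lines, window=timedelta(minutes=5), max_failures=1):
    """Return alerts for successful logins that look like default-credential guessing.

    A success is flagged when (a) the account is a well-known default name, or
    (b) it follows at least `max_failures` failures from the same IP within `window`.
    """
    failures = defaultdict(list)  # ip -> timestamps of recent failed attempts
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        recent = [t for t in failures[ev["ip"]] if ev["ts"] - t <= window]
        failures[ev["ip"]] = recent
        if not ev["ok"]:
            failures[ev["ip"]].append(ev["ts"])
            continue
        reasons = []
        if ev["user"].lower() in DEFAULT_ACCOUNTS:
            reasons.append("default account name")
        if len(recent) >= max_failures:
            reasons.append(f"success after {len(recent)} failure(s)")
        if reasons:
            alerts.append((ev["ts"].isoformat(), ev["ip"], ev["user"], "; ".join(reasons)))
    return alerts

# Constructed sample: one failed guess against the admin account, then a success.
SAMPLE_LOG = """\
2024-01-01T10:00:00 203.0.113.5 user=admin result=failure
2024-01-01T10:00:20 203.0.113.5 user=admin result=success
2024-01-01T10:05:00 198.51.100.7 user=jsmith result=success
"""

if __name__ == "__main__":
    for alert in find_suspicious_logins(SAMPLE_LOG.splitlines()):
        print(alert)
```

The same rule, fed from a real reverse-proxy or application log, gives a low-noise alert on exactly the kind of login this write-up describes; the fix itself is still to remove the default account before the panel goes live.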
A few things to take note of here:
1. Never Underestimate Basic Attacks: Even large organizations can overlook simple security best practices.
2. Enumeration is Key: A thorough reconnaissance phase is crucial to uncovering hidden vulnerabilities.
If you’re a bug bounty hunter, always start with the basics — you never know what you might uncover.
Happy Hunting!