AI helped me get $500 bounty with just one line of code

Ahmad A Abdulla
2 min read, Aug 11, 2023

One of the special HackerOne programs invited me. I worked on it for more than a week and couldn’t find any bugs. Although it had a very large scope, the program was old, dating from 2021, and had paid more than $1 million in bounties. The top reputation on the program was 9000, so whatever kind of bug I reported was a duplicate: I reported XSS more than 20 times, and all of them were duplicates and not accepted. I had better change the plan. Then I sent a small Information Disclosure report and received $200. It was a very good bug; I knew that this kind of bug is accepted and that there are many of them.
Then I reported several such bugs, all of which were accepted. Finally, I was able to use ChatGPT.

ChatGPT

Then, using the DIRSEARCH tool, I found a file containing some JSON information. I did not understand any of it and gave up, but the next day I came back to the same subdomain and scanned the same file again. Without knowing this would be RCE, I asked ChatGPT “What is this code?” It replied:

Spring Boot Actuator H2 RCE

CREATE ALIAS EXEC AS CONCAT('String shellexec(String cmd) throws java.io.IOException { java.util.Scanner s = new',' java.util.Scanner(Runtime.getRun','time().exec(cmd).getInputStream()); if (s.hasNext()) {return s.next();} throw new IllegalArgumentException(); }');CALL EXEC('whoami');

I had no information about the Spring Boot Actuator H2 RCE.
So I asked ChatGPT, and it told me it would be RCE. But I reported it directly, and it was accepted as High (7.5). I was very surprised.
Then the staff asked me to turn it into RCE. I tried hard, but the server wouldn’t restart, so they changed it from High (7.5) to Medium.
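As an added example (not from the original post): a small detector for the statement shape shown above. The payload splits the Java source with CONCAT so that the telltale `Runtime.getRuntime().exec` never appears whole; the detector folds the CONCAT string literals back together before matching, so H2 console or actuator logs can be checked for it. The sample statements are constructed.

```python
import re

# Constructed sample statements (not captured from the program in the post). The first
# mirrors the CONCAT trick above: the Java source is split across string literals, so a
# naive substring match for "getRuntime" never sees the word whole.
SAMPLE_QUERIES = [
    "CREATE ALIAS EXEC AS CONCAT('String shellexec(String cmd) throws java.io.IOException { "
    "java.util.Scanner s = new',' java.util.Scanner(Runtime.getRun','time().exec(cmd)"
    ".getInputStream()); if (s.hasNext()) {return s.next();} throw new "
    "IllegalArgumentException(); }');CALL EXEC('whoami');",
    "SELECT id, name FROM users WHERE note = 'Runtime.getRuntime()';",  # no alias: benign
    "CREATE ALIAS UPPER_TRIM AS 'String f(String s) { return s.trim().toUpperCase(); }';",
]

_LITERAL = r"'(?:[^']|'')*'"  # one SQL string literal; '' is an escaped quote
_CONCAT = re.compile(r"CONCAT\s*\(\s*(" + _LITERAL + r"(?:\s*,\s*" + _LITERAL + r")*)\s*\)", re.I)
_SPAWNS_PROCESS = re.compile(r"Runtime\s*\.\s*getRuntime\s*\(\s*\)\s*\.\s*exec\b|ProcessBuilder")


def fold_concat_literals(sql: str) -> str:
    """Rewrite CONCAT('a', 'b', ...) of pure string literals as the single literal 'ab...'."""
    def _fold(match: re.Match) -> str:
        parts = re.findall(_LITERAL, match.group(1))
        return "'" + "".join(p[1:-1] for p in parts) + "'"
    return _CONCAT.sub(_fold, sql)


def alias_rce_findings(sql: str) -> list:
    """Reasons this H2 statement looks like CREATE ALIAS code execution; [] if none."""
    folded = fold_concat_literals(sql)
    findings = []
    alias = re.search(r"\bCREATE\s+ALIAS\s+(\w+)", folded, re.I)
    if alias and _SPAWNS_PROCESS.search(folded):
        name = alias.group(1)
        findings.append(f"CREATE ALIAS {name} defines Java source that spawns a process")
        if re.search(r"\bCALL\s+" + re.escape(name) + r"\s*\(", folded, re.I):
            findings.append(f"{name} is invoked with CALL in the same batch")
    return findings


if __name__ == "__main__":
    for query in SAMPLE_QUERIES:
        print(alias_rce_findings(query) or ["clean"], "<-", query[:60])
```

Only CONCAT calls made purely of string literals are folded; a statement that builds the alias body from columns or functions would need the query executed or parsed properly, which is the usual limit of regex-based log detection.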

What do I want to tell you here?

Those of you who are new to bug bounty and often have something in front of you that you don’t know about: you can use ChatGPT to answer your questions.
