My experience of Hacking The Dutch Government

The vulnerability

So again I randomly took a domain from the list started subdomain enumeration but that domain has only 1 subdomain which is like the main domain only. I focused more on the main domain and gathered some parameters using different tools and one of the parameters looks very suspicious it was like:

Conclusion

Now I was pretty sure that this will be accepted and after a few days I received the mail

TIP

I was hunting on this program for 4 To 5 months and as I mentioned, I got many duplicates and N/A’s, but I never lose hope and whenever someone gets that swag from the community I reach out to them and ask them all the details about the vulnerability they reported. If I ever feel like I am losing my motivation to hunt on this program I watch zseano videos.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store