Kevin
Published in InfoSec Write-ups

·Jan 29

How I Made $16,500 Hacking CDN Caching Servers — Part 3

@bxmbn — Cache Poisoning DoS Via X-Forwarded-Scheme Header

Bounty: 3,000

I didn’t know this was a thing until I saw @iustinBB’s blog about their research on Cache Poisoning, "Cache Poisoning at Scale".

Sending the x-forwarded-scheme: http header would result in a 301 redirect to the same location. If the response was cached by a CDN…

Bug Bounty


Published in InfoSec Write-ups

·Jan 29

How I Made $16,500 Hacking CDN Caching Servers — Part 2

@bxmbn — A Nice Way To Hide XSS

Bounty: $2,000

While Google Dorking, I found a particular URL, but this time it was not being cached. However, if I added a cacheable file extension (.js, .css) at the end of the URL, it would cache the response. Now, all I needed was to find an XSS. I found an…

Bug Bounty


Published in InfoSec Write-ups

·Jan 29

How I Made $16,500 Hacking CDN Caching Servers — Part 1

@bxmbn — Cache Poisoning To Stored XSS

Bounty: $6,300

This was actually my first Cache Poisoning. I initially reported it as a Cache Deception issue, because that is all I knew about caching exploits at that time, and the reason how and why this ended up being triaged and awarded as a Cache Poisoning to Stored XSS…

Bug Bounty

https://hackerone.com/bombon?type=user
