How i managed to get an Easy $$$$ hacking learning website

Muhammed K. Sayed
2 min readMay 28, 2023

--

Assalamualaikum brothers and sisters, hope you’re doing great.

Have you ever asked yourself What is the most valuable asset of a learning website?

Imagine having access to a website that has the key to academic achievement — assignment answers that will allow any student to get 100%. That’s exactly what I discovered during my most recent bug bounty adventure. Allow me to take you on an exciting behind-the-scenes trip to learn how I pulled off this digital theft

I had to think like a student and concentrate on what was most important to them

To access the assignment materials and answers in my target, teachers had to first validate their accounts, which required internal verification from the platform’s support team. This setback did not deter me. I decided to use Burp Suite to look for an answer to the question, searching through the requests history until I …….

I found the solutions in the form of HTML-encoded JSON. Because special characters were encoded, I had to look for a portion of the answer to uncover the buried reward. I decoded the hidden information with perseverance and a keen eye.

Conclusion

My efforts were rewarded when the vulnerability I uncovered was designated as P2 — a high-priority issue that resulted in a considerable bounty. The experience was thrilling, demonstrating that all you need to become a successful hacker is a never-ending desire to break stuff, your browser, and Burp Suite.

--

--