avatarHaris Muthusamy

Summary

Haris Muthusamy shares his experience of earning $400 in 5 minutes by discovering a directory traversal bug using Google Dork queries.

Abstract

In a personal write-up, Haris Muthusamy, a Cyber Security Analyst, details his successful attempt at finding a lucrative vulnerability through Google Dorking. Despite initial setbacks and finding only outdated website folders, his persistence led to the discovery of a directory with current updates within the last minute of his search. He promptly reported the directort traversal bug he found within this directory, which earned him a significant reward. Muthusamy encourages readers to follow up for more insights and shares his professional background, including his completion of a BE degree and work experience at HCL and KGiSL.

Opinions

  • The author believes that Google dorking is a crucial skill for hacking and finding private programs.
  • Despite the initial lack of success, the author emphasizes the importance of persistence in the field of cybersecurity.
  • The author is proud of his achievement, as evidenced by the detailed account of his discovery and the prompt report of the vulnerability.
  • Muthusamy values community engagement and sharing knowledge, as indicated by his invitation for followers and his willingness to post his first write-up despite potential typos and brevity.
  • He acknowledges his own limitations in writing and asks for understanding from his audience, showing humility and a commitment to improvement.

5min 400$ using Google Dork

Hey hunters! This writeup is my first writeup I’ll share with you how I get 400$ in 5min using google dorks. So, Let’s get start. This my first writeup so kindly excuse my typos & brevity.

Let’s Start

All of know that google dorking is more important for Hacking. I was seaching for a private program using dorking : index of / site: /etc/certs + “index of /” */* site:example.com ( I am not suppose to revele the program name )

After using this key work I have found so many websites with the dierctory /etc/certs. I have started to check each and every url but

but

but

all the website folders created was outdated . LOL

Then how I found a vulnerablity ???

Lets see

I didnt loose hope I was still checking its almost 4 min over there is only 60 seconds more

yaaaaaa! I found a website with current updated folders with that folder I can able to find the directort traversal bug and reported immediatly

Kindly do follow up for more updates

https://linktr.ee/harismuthusamy

https://www.Instagram.com/haris_muthsamy

Thanks

Regards

Haris M

Infosec
Info Sec Writeups
Cybersecurity
Hacking
Bug Bounty
Recommended from ReadMedium
avatarPwndec0c0
Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails.

How I was able to scrape large data of emails from the top mail domains(gmail,yahoo,hotmail etc..), .gov, .edu on of all countries and…

4 min read
avatarFady Othman
Meta Bug Bounty — Fuzzing “netconsd” for fun and profit — part 3

Welcome to the final part in this series, this time we will talk about how to generate the test cases that we can use to fuzz netconsd, in…

7 min read
avatarcryptoshant🇮🇳
Admin Panel Access via Default Credentials 🤩

Hello Hackers, In this write-up I am going to tell how quickly and easily I can access to admin panel using default credentials.

3 min read
avatarHarendra
How I Am Using a Lifetime 100% Free Server

Get a server with 24 GB RAM + 4 CPU + 200 GB Storage + Always Free

3 min read
avatarAhmed Samir Ghallab
How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Hunting

I want to share the tale of an email confirmation bypass vulnerability I uncovered. It’s one of those juicy bugs that can lead to…

5 min read
avatarAbhirupKonwar
Recon: PaaS, SaaS, and Static Hosting Platforms

🚨Free Article Link: Click here 👈

2 min read