Website Bug Reproducing Steps (about 100,000 customers private info)

[hash_d3m0n]

I know the title is vague
But I have steps to reproduce a bug that leaks all the personal information of the transactors including but not limited to:
- Address
- Phone numbers
- Payment Info if customer saved them on the site
- Email Adresses

**I used BurpSuite Free Version to do that

You could write a simple python script yourself to extract all the info

Daily Usage: 20k users

DM

 

[hash_d3m0n]

Edit : Need only one person.

**** If moderators can, then after one user gets their bug, I will be informing here on this thread, maybe mods could close this thread if its fine

Things you are gonna need (not worth mentioning here but)
--- Burner Number for OTP registration

*** Patience because the website is clunky and slow as a snail

 

[hash_d3m0n]

This ain't an auction. First duck to score will get it.

Guarantor accepted.

 

[hash_d3m0n]

I am online

 

[hash_d3m0n]

You got money, we got exploits

 

[hash_d3m0n]

Reply or DM for more info regarding the exploit.. IM ONLINE
Guarantor Accepted. Buyer will receive a little something

 

[hash_d3m0n]

Im observing the forum and I see users having unclear thoughts about the Bug. Private message

 

[hash_d3m0n]

Sold

 

[marti1n]

интересно
и кто купил?
или это был воображаемый покупатель?)