• XSS.stack #1 – первый литературный журнал от юзеров форума

how much could I sell 0day stored XSS invisionboard / IPboard

Отслеживать
no1

no1

Floppa
Пользователь
Регистрация
19.08.2019
Сообщения
93
Реакции
81
Гарант сделки
1
Hello, I dicovered a 0day stored XSS affecting all versions of this board and I wonder how much I can sell it.
(note that the payload is injected on a location where people are supposed to go, not like a sub detail place where no one will go)
dork -> intext:"Powered by Invision Community"
( a lot of pple modify the front and hide the powered by .... so all affected boards are not listed by the dork )

Moderators don't lock my thread please, i'm not selling but just asking how much could I if I want.

Cheers
 
no1 сказал(а):
Hello, I dicovered a 0day stored XSS affecting all versions of this board and I wonder how much I can sell it.
(note that the payload is injected on a location where people are supposed to go, not like a sub detail place where no one will go)
dork -> intext:"Powered by Invision Community"
( a lot of pple modify the front and hide the powered by .... so all affected boards are not listed by the dork )

Moderators don't lock my thread please, i'm not selling but just asking how much could I if I want.

Cheers
Hi, I don't have much experience in these things but I still try to give you a point of view.
When you sell a vulnerability, even an XSS, you have to demonstrate the impact it can have.
Depending on the impact, the value of the vulnerability can go up or down.
So, if I were you, before trying to sell your new 0day or get a price I would try to exploit it all the way to increase its impact/effectiveness ( For example by turning that XSS into an RCE and so on... ).

Anyhow I will wait for answers from more experienced people, yours is a very interesting question!
 
th3tr0ll сказал(а):
Hi, I don't have much experience in these things but I still try to give you a point of view.
When you sell a vulnerability, even an XSS, you have to demonstrate the impact it can have.
Depending on the impact, the value of the vulnerability can go up or down.
So, if I were you, before trying to sell your new 0day or get a price I would try to exploit it all the way to increase its impact/effectiveness ( For example by turning that XSS into an RCE and so on... ).

Anyhow I will wait for answers from more experienced people, yours is a very interesting question!
Thanks for your feedback and your advice, I will try to chain it with other gadgets to achieve account takeover POC if I have some free time. But i'm still curious of having other feedbacks including pricing without such a chaining to rce exploit or whatever :)
 
I think it depends on company.If it big like Spotify,Google,Microsoft,and you can make big money legal.This companys have bug bounty programs and if you proof that this vuln impact usefull information,private,or other critical vurnelab you can get 20k and more.Look at hackerone one hacker found critical vuln in Shopify and they paid him 50k.If you want sell on black market i dont now sorry im in red team;)
 
akriosss47 сказал(а):
I think it depends on company.If it big like Spotify,Google,Microsoft,and you can make big money legal.This companys have bug bounty programs and if you proof that this vuln impact usefull information,private,or other critical vurnelab you can get 20k and more.Look at hackerone one hacker found critical vuln in Shopify and they paid him 50k.If you want sell on black market i dont now sorry im in red team;)
Yeah I know im already doing hackerone but this company doesnt have a bugbounty program so I was wondering how much could I take on black market for it
 
akriosss47 сказал(а):
I think it depends on company.If it big like Spotify,Google,Microsoft,and you can make big money legal.This companys have bug bounty programs and if you proof that this vuln impact usefull information,private,or other critical vurnelab you can get 20k and more.Look at hackerone one hacker found critical vuln in Shopify and they paid him 50k.If you want sell on black market i dont now sorry im in red team;)
You clearly did not read correctly what this guy said.
 
If you could potentially chain this (RCE) and produce a PoC for a broker then you could potentially get a lot from it. I have a few brokers that I know myself but none looking for anything like this specifically, but you'd get well into the ball park of 120k-150k, it just depends the level of impact that it has. While others might encourage you to go the bug bounty route (which I've done it the past) they will try to offer you the bare minimum.

I suggest you sit on it for a while and see what other brokers/companies offer you and then make your decision. Hope this helps you in one way or another comrade.
 
quincyel8 сказал(а):
If you could potentially chain this (RCE) and produce a PoC for a broker then you could potentially get a lot from it. I have a few brokers that I know myself but none looking for anything like this specifically, but you'd get well into the ball park of 120k-150k, it just depends the level of impact that it has. While others might encourage you to go the bug bounty route (which I've done it the past) they will try to offer you the bare minimum.

I suggest you sit on it for a while and see what other brokers/companies offer you and then make your decision. Hope this helps you in one way or another comrade.
*checks back account* hmm I may be doing something wrong here haha
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх