Journey Of My First Bug Bounty (Nov 2018)

Hello everyone,

This is my first writeup

To people who don’t know me I Harsh, a 4th year Engineering student in Information technology and a bug bounty hunter.

This is the story when i’m in a 2nd year and summer holidays going on, as a daily routine i'm sitting in my room and scrolling my phone, and suddenly i noticed that there is some misconfiguration in my phone then i tried the same procedure 2–3 times and notice the same and i came to a conclusion that this is a bug but as a noob that time i don’t know where to report this so i search on google and i saw official Samsung Mobile Security vulnerability reporting website https://security.samsungmobile.com/main.smsb

After this i create an account on a website and started looking for instructions how to report a bug to samsung and you won’t believe it guys that time i even don’t know about Poc, report making, but i keep things simple that time so i made a simple report and as you all know this is my first report so forget about professional report writing skills but anyway i make a Poc video and send it to the samsung.

Next morning, I received an email

Vulnerability

Attack Scenario

  1. User locked their Whatsapp with S Secure application
  2. User add second whatsapp from dual apps feature by samsung it as a parallel space application does
  3. When we open second whatsapp sometimes it open without any authentication means without pin, fingerprint and this bug unlock our first whatsapp also. So anybody can enter in our locked apps.

Bounty Reward

After waiting 90 Days, Samsung rewarded me $200 😍 through bugcrowd and that moment my excitement level 🎉

Tips

Sometimes you don’t need to do reverse engineering or read application source code. Always try to abuse manually first.

Thanks for reading😎

Sorry for my bad english..

More writeups coming soon…

Linkedin: https://www.linkedin.com/in/harsh-tyagi-1468b3193/

Twitter: https://twitter.com/harshtya9i

Instagram: https://instagram.com/harsh_tya9i

Learner | Bug Bounty Hunter | VAPT | Independent Security Researcher