Oct. 1, 2023, 6:30 p.m. | Nithissh

InfoSec Write-ups - Medium infosecwriteups.com

Leaked Database and SMTP credentials through .env file

Introduction

Let me share with you the background of this bug bounty program. This bug bounty program is hosted independently and is built around the concept of offering self-driving cars as a service, along with providing marketing and digital solutions for drivers. While conducting reconnaissance on our target, we stumbled upon a subdomain. During our content discovery process on this subdomain, we encountered a 403 error when attempting to access the .env …

bug bounty

More from infosecwriteups.com / InfoSec Write-ups - Medium

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Senior Cybersecurity Engineer

@ Hitachi | (STS) Perth - Belmont

Cyber Security Expert (W/M)

@ Worldline | Seclin - 59, Nord, France

Senior CISO

@ Alter Solutions | Madrid, Spain

IT Security Specialist

@ BDO | Eindhoven, Netherlands