9
Korvax
3y

I found xss on the software the my school and many other schools use it. The bug is on every page of their website.
I reported the bug to their team, they fixed it and didnt even reward me.

What do you ranters advice me to?

Comments
  • 3
    Start a blog on security. Write about it and keep us posted.
    That would reward yourself.
    Help everyone learn! :)
  • 2
    Keep looking for exploits. It's amazing how many IT staff you can creep the hell out while keeping white hatted.
  • 5
    The IT guys have a grudge against me because of the amount of bugs I have found in my school's system
  • 3
    Unless they offer a bug-bounty, just pat yourself on the back. You did a good thing.
  • 0
    @mhudson when i first asked permission from them to find bugs they said we will reward you but now they have fixed the bug and no reward
  • 1
    post the details in your blog, and keep posting new ones. also, check hacker1, you might find it interesting.
  • 2
    I found a bug in my schools security. The badges the teachers use are standard NFC tags. Unrelated my phone is capable of reading and writing data to NFC tags. The network is also susceptible to man in the middle attacks.
Add Comment