No Rate Limit - 2K$ Bounty
In computer networks, rate limiting is used to control the rate of traffic sent or received by a network interface controller and helps prevent DoS attacks.
Rate limiting controls the amount of incoming and outgoing traffic to or from a network. For example, say you are using a particular service's API that is configured to allow 100 requests/minute. If the number of requests you make exceeds that limit, an error will be triggered.
No rate limit means there is no mechanism to protect against many requests made in a short time frame. Say, for example, you have a forgot-password page and a victim's email: enter the victim's email, intercept the request using Burp Suite (a proxy tool) and send that request to Repeater or Intruder to repeat it. If the repetition doesn't give any error after 50, 100 or 1000 repetitions, then no rate limit is set.
The scope of this vulnerability is not limited to the forgot-password page; it also applies to comments, adding users (where an invite email has to be sent), sending GIFs or messages, sending OTPs, etc.
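The fix the post implies is a server-side limiter on exactly these endpoints. The following is an added example, not code from the original post: a sliding-window limiter enforcing the 100 requests/minute figure above. The endpoint name, the sample key and the 1000-request burst are constructed for illustration; keying on the target e-mail (not just the client IP) is what stops a forgot-password or OTP flood against one victim.

```python
"""Sliding-window rate limiter for the 100 requests/minute example above.

Added example, not code from the original post. The endpoint name, the
sample key and the burst size are constructed. The limiter keys on whatever
the caller passes (client IP, account, or the target e-mail of a
forgot-password request), so per-source and per-target limits both work.
"""
from collections import deque
import time


class SlidingWindowLimiter:
    """Allow at most `limit` requests per `window` seconds for each key."""

    def __init__(self, limit: int = 100, window: float = 60.0, clock=time.monotonic):
        self.limit = limit
        self.window = window
        self.clock = clock          # injectable so tests are deterministic
        self._hits: dict[str, deque] = {}

    def allow(self, key: str) -> bool:
        """Record one request for `key`; return False once the limit is hit."""
        now = self.clock()
        hits = self._hits.setdefault(key, deque())
        # Drop timestamps that have aged out of the window.
        while hits and now - hits[0] >= self.window:
            hits.popleft()
        if len(hits) >= self.limit:
            return False            # caller should answer 429 Too Many Requests
        hits.append(now)
        return True


def simulate_burst(count: int, limit: int = 100, window: float = 60.0) -> dict:
    """Fire `count` requests for one key at t=0, then one more after the window.

    Returns how many were accepted in the burst and whether a request made
    after the window has elapsed is accepted again.
    """
    t = [0.0]
    limiter = SlidingWindowLimiter(limit, window, clock=lambda: t[0])
    key = "forgot-password:victim@example.com"   # constructed sample key
    accepted = sum(limiter.allow(key) for _ in range(count))
    t[0] = window                                 # advance past the window
    return {"accepted": accepted, "rejected": count - accepted,
            "accepted_after_window": limiter.allow(key)}


if __name__ == "__main__":
    print(simulate_burst(1000))   # {'accepted': 100, 'rejected': 900, 'accepted_after_window': True}
```

An Intruder run like the one in the post would see the 101st request in a minute rejected, which is the observable difference between a limited and an unlimited endpoint.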
While searching for No Rate Limit I came across a comment section on yahoo.com where I was able to make 100–200 comments in less than 60 seconds and it was a GIF flood.
I found it on 4 different endpoints on yahoo.com and I was paid a good amount. All the endpoints have been fixed.
How to attack using Intruder:
1. Go to any endpoint where you can comment or send messages, etc.
2. Make a comment and intercept the request using Burp Suite.
3. Send that request to Intruder and click on Clear.
4. Select the comment you made and click on Add.
5. Go to the Payloads section; you can simply add a payload file which contains various words, or you can use the "Add from list" option.
6. Click on Start attack.
7. Refresh the page and you'll find the flood.
How to attack using Repeater:
1. Send the request to Repeater.
2. Click on Go as many times as you want the comment to be posted.
3. Refresh the page.
Thank You :)
Instagram : jerry._.3