• File Uploading Issue in BillMeLater.com- paypal worth $5000

    by
    prakhar
    Published on 03-13-2013 03:57 PM      Number of Views: 11217  
    1 Comment Comments
    I want to share my finding on a recent issue I found in a subdomain of BillMeLater.com (a Paypal service).


    On 1st March, during my regular course of bug hunting in Paypal services, I found a file uploading issue that allowed me to upload files of certain extensions on the BillMeLater server.


    Initially I noticed the website was running an outdated version of DotNetNuke (an ASP.NET based CMS) with the file uploader enabled. Allowed extensions were:

    *. docx, *.xlsx, *.pptx, *.swf, *.jpg, *.jpeg, *.jpe, *.gif, *.bmp, *.png, *.doc, *.xls, *.ppt, *.pdf, *.txt, *.xml, *.xsl, *.css, *.zip, *.spin



    File Uploader on BillMeLater server


    So for testing purpose I uploaded a file on the server with some text content:



    I even tried to upload an ASP-shell within the restrictions but It didn't work on the server , If it had run then I could have got the possibility of command execution on the server.

    Anyway, I reported the issue to Paypal Security Team, they addressed the issue quickly with a reward of $5000 USD.

    This article was originally published in forum thread: File Uploading Issue in BillMeLater.com worth $5000 started by prakhar View original post
    Comments 1 Comment
    1. pik4chu's Avatar
      pik4chu - 12-07-2013, 05:51 AM
      ..awesome .. great bug bounty hunter

  • G4H Facebook

  • G4H Twitter