SONY Hunting I: Discovering Hidden Parameters (5x SWAG)

Hello everyone.

It’s been a long time. Hope everyone is well. I thought I should publish a new write-up, and I feel ready for it.
Today I’m going to talk about a series of vulnerabilities that I found in Sony a few months ago. OK, let’s go then!

As you know, SONY is a huge target and even though I don’t have any financial profit (only swag), I especially like to take care of it.
In general, it’s not my style to concentrate on a single vulnerability type. However, in this wide scope, I wanted to make things a little easier and focused only on Open Redirect vulnerabilities, because hunting for vulnerabilities such as open redirect is forgotten or overlooked. So, the topic of this write-up will be Open Redirect. (I plan to continue this series with other vulnerabilities later.)

Recon is My Life

crt.sh/?q=Sony

I’ve noticed that it is more useful to use a keyword instead of entering the domain names of the targets in programs with a wide scope.

So, trying keywords like
