How I Got Free LinkedIn Premium Membership🤣
Good day ppl! This is Anudeep Vysyaraju, with a new write-up on how I hacked LinkedIn Premium Membership for FREE (almost FREE 🤣) and made my payment successfully.
Let's get started…
A few lines about LinkedIn Premium Membership:
LinkedIn is known as a social network platform that is built for the business community and here we can make connections professionally to boost our careers. Also, LinkedIn provides premium services for its users to get more privileges and this is a short description of LinkedIn.
Let’s re-create the scenario!!
Recently, I checked my University email that is providing the LinkedIn Premium Membership for a discounted price to the students and faculties of ****** University. Also, this program is eligible for people within the University.
So I just had an eye on the mail and visited the site, from the site itself the user can purchase the Membership for a discounted price. So I found that there is something unlogical on the site.
This is how my hunt started on this website for vulnerabilities😈😈
Let’s move into the hack!!!!
So quickly I fired up the burp and started intercepting the requests, I just wanted to go through the whole site and check what I could get; also tried to bypass the payment and tried many things to get other user PII too but everything looked failed.
Then after coming out from trance🤣🤣🤣 and noticed that the site wasn’t using any hashing or encryption for the parameters😮😮🙀🙀.
So now my job is to change the parameters and check whether the tampering is working there or not, 🫠🫠
Before changing the parameters the request looked like this,
After changing the parameters, the request will be like this
Now I tampered with the parameters accordingly from “8900/-” to “1/-” and after tampering with the parameters I pressed the PAY NOW.
Now the site is redirected to Payment Interface and the interface came like this
Now I want to recheck whether it's changed successfully or not, so I reloaded the page and saw the parameter to 1/- 🥳🥳🥳
Again our main motto and agenda 💀💀 is to bypass the payment or make the payment for tampered price. So I tried to make the Payment and it was SUCCESS 🎉🥳
BoOoOoMM now I got this Linkedin Premium Membership for free of cost 💰💵💸
PS: The Bug has already been submitted to the Relevant Department, So all the so-called hackers 😈or Bug Bounty Hunters in ***** University 🤣🤣 please be aware while trying to reproduce it.
Because the Relevant Department is clearly watching👀 the Transaction Details, I request all that don’t try to reproduce it.
This write-up is shared for Knowledge transfer purposes only.
Also special thanks to Mayur Parmar, Hemant Patidar, Tarun Tandon, and Pavan Kumar Chinta
Hope you enjoyed this write-up and gained something good. Visit my profile for doubts and guidance ping me on LinkedIn.
Also, you guys can follow me on Medium
Thanks and Byee… Happy hacking and Let’s hack together👨💻😈
