How I Hacked India Today Subscription for 2 years 😅🥳🤑

Anudeep Vysyaraju
5 min readMay 25, 2024

--

Before getting into the blog,,,

My kind of proverb to Hackers in the community….

“Focus on Bug Bounty Programs over girls; programs recognize effort, but girls do not. 😉”

Let’s get started…

A few lines about India Today…

India Today is a weekly Indian English-language news magazine published by Living Media India Limited. It is the most widely circulated magazine in India, with a readership of close to 8 million.

Let’s re-create the scenario!!

I’m searching for some news and reading an article about some public personality on the internet, and all of a sudden I get a POP-UP to subscribe to the magazine and everyone hates the pop-ups (I hate them more 😅😂) by mistakenly tapping on the pop-up instead of closing it. I felt something suspicious about the website and started my hunting.

This is how my hunt started on this website for vulnerabilities😈😈

Let’s move into the hack!!!!

So as I opened the site, I scrolled it and immediately created an account for me. Now the website shows me different types of magazines and subscription plans, and blah blah ☹️☹️is coming up. So I’m trying to get the minimum things like the functionality of the website and doing a small Recon 👨‍💻👨‍💻 on the website.

Subscriptions that are available on the website

So I tried all general things such as parameter tampering and all other business logic bugs on the internet and from my checklist😁. As this is an e-commerce website I haven’t got any good scope to exploit the vulnerabilities 🥹🥹

After going through the website, I came to know that it uses multiple payment gateways and the interesting thing about the website is it uses Billdesk as one of its payment gateway. So my all attention goes to Billdesk because I never tried to bypass it 😅😉😃

Now I’ve added some random subscriptions to my cart and seen all the payment options like Paytm and ICICI Bank along with Billdesk.

After some No. of attempts failed on other payment gateways. I took a break and started testing Billdesk ⚡🙃

I’ve opted for Billdesk as my payment gateway and confirmed my order.

Payment gateways list

After confirming the order, Now the site is redirected to the payment gateway page.

Billdesk Payment Gateway Interface

Now I opened it by Burpsuite and configured my proxies... I’m all set to hack the gateway. So before doing this I just refered to the Billdesk Payment Gateway API Codes and Responses to understand the gateway far better because as I mentioned I’m also new to the Payment Gateway. Here below I’m giving small info about Payment Gateway API Response Codes for Beginners. 😁😁😁

What are Payment Gateway API Response Codes ??

Gateway response codes are multi-digit codes identifying whether a transaction is declined or approved. These codes will indicate what action needs to be taken, if any, to retry the transaction.

Please refer to the attached document to get an idea about Billdesk Payment Gateway.

Now open the Burp go to the proxy tab and turn on the intercept. After turning it on, cancel the transaction by tapping cancel. Also, fill in the required data and abort the transaction.

Cancel window for Billdesk Payment Gateway

Now I got some requests and responses in my burp and this request makes me fall for it 😅😍

Untampered Request.

Here in this request, I observed that msg is showing the transaction status and response codes, So this request will be sent and I thought to change the responses in the message field accordingly.

As you see,
“0300” is for Success and it means Successful Transaction
“0399” is for Invalid Authentication at Bank Failed Transaction

Now I plan to change or tamper the transaction status code and message accordingly.

Tampered Request.

After changing the response code and message in the request I forwarded the request to Burpsuite & after that, I received this response. Now I came to know that this request is using the POST method to update the order and it looks like a success 🥳🥳

Order Update Request.

After keeping on forward the requests and responses, I’ve saw this 😉😉😁😁

Boooooommmmmm, I was shocked to see that Success message on the screen 🥳🎉🥳🎉

Success Message.

This write-up is shared for Knowledge transfer purposes only and please don't try to use the bug.

Also special thanks to Mayur Parmar, Hemant Patidar, Tarun Tandon, and Pavan Kumar Chinta

Hope you enjoyed this write-up and gained something good. Visit my profile for doubts and guidance ping me on LinkedIn.

Also, you guys can follow me on Medium

Thanks and Byee… Happy hacking and Let’s hack together👨‍💻😈

--

--