Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Comment
Summary
JavaScript (JS) files are usually full of bugs and can be particularly difficult to review, yet most bug hunters ignore the comments in them.
Comments are usually included as a means of communicating with other developers and can provide useful insights into the mindset of the developers.
Occasionally, the comments can provide information that isn’t publicly available, which could be useful to a bug hunter.
For example, Iski discovered a JavaScript comment that referenced an admin panel, which gave him an idea of the technologies being used and possible vulnerabilities that could be exploited.
This is an example of how thinking outside the box and understanding the mindset of the developer can make life easier for a bug hunter.
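The same observation can be turned into a release check on the developer's side. The following is an added example, not code from the original write-up: it extracts comments from a JavaScript source and flags any that mention internal-looking words or paths. The `SENSITIVE` pattern, the function names and the sample bundle are assumptions made for illustration.

```javascript
// Assumed, site-specific pattern: keywords plus anything that looks like a path.
const SENSITIVE = /\b(admin|internal|staging|password|secret|token)\b|\/[\w-]+\/[\w\/-]+/i;

// Walk the source once, skipping string literals so "http://x" is not
// mistaken for a comment. Regex literals are not tracked (known limitation).
function extractComments(src) {
  const out = [];
  let i = 0, line = 1;
  while (i < src.length) {
    const c = src[i], n = src[i + 1];
    if (c === '\n') { line++; i++; }
    else if (c === '"' || c === "'" || c === '`') {
      const q = c; i++;                       // skip to the closing quote
      while (i < src.length && src[i] !== q) {
        if (src[i] === '\\') i++;             // honor backslash escapes
        if (src[i] === '\n') line++;
        i++;
      }
      i++;
    } else if (c === '/' && n === '/') {      // line comment
      let end = src.indexOf('\n', i);
      if (end === -1) end = src.length;
      out.push({ line, text: src.slice(i + 2, end).trim() });
      i = end;
    } else if (c === '/' && n === '*') {      // block comment
      let end = src.indexOf('*/', i + 2);
      if (end === -1) end = src.length;
      const text = src.slice(i + 2, end);
      out.push({ line, text: text.trim() });
      line += (text.match(/\n/g) || []).length;
      i = end + 2;
    } else i++;
  }
  return out;
}

// Comments that should be reviewed or stripped before the file ships.
function findLeakyComments(src) {
  return extractComments(src).filter(c => SENSITIVE.test(c.text));
}

// Constructed sample bundle (not taken from the write-up).
const SAMPLE = [
  'const api = "https://example.test/v1"; // public endpoint',
  '/* move admin panel from /internal/admin-v2 before launch */',
  'function render() { return 1; } // draw the page',
].join('\n');

console.log(findLeakyComments(SAMPLE));
```

A minifier that drops comments in production builds removes the exposure entirely; a check like this catches files that bypass that build step.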