Part 2: Dive into Zoom Applications

GET /pagerduty/config?signature=7HuiNVkFlvvqNxooZzLAevNuvyA&user_id=M4u<REDUCTED> HTTP/1.1
Host: <REDUCTED>.zoom.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: https://<REDUCTED>.zoom.us
Connection: close
HTTP/1.1 200 OK
Date: Mon, 29 Jul 2019 20:08:26 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 80
Connection: close
x-amzn-RequestId: a048105e-b23c-11e9-8381-6d6d62790a0e
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
x-amzn-Remapped-content-length: 80
x-amz-apigw-id: dmnJMFymoAMF6Nw=
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
etag: W/"50-pySbe+m76pCbniLaJ/LRkpJvylU"
x-powered-by: Express
X-Amzn-Trace-Id: Root=1-5d3f523a-696bd7c04ada12240312a370;Sampled=0
{"is_admin":true,"platform_token":"<REDUCTED>","service_id":"P9ZRCKP"}

--

--

--

Security Consultant | Bugbounty Hunter

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to Fix Hard Drive or SSD SMART Error

{UPDATE} Creator Factory's Don't Touch White 3D Hack Free Resources Generator

Pages banned by other pages is still able to take action on event(comment+post)

Behind the Digital Curtain

Difference between encoding, hashing and encryption

Keepin Update: V1.3 is now available for download!

Tenacity

How Criminals Can Steal Ownership Of Your Home And How You Can Stop Them

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Rakesh Thodupunoori

Rakesh Thodupunoori

Security Consultant | Bugbounty Hunter

More from Medium

Utilization of OWASP Tools to protect against XSS vulnerabilities

How we discovered zero-day vulnerabilities in Riverbed Software Agent

The Tale of a Click leading to RCE

RCE on micro_httpd web server