<h1 id="heading-hi-everyone">Hi everyone!!!</h1>
It all started when I have and examination online and wanted to study for it. But before paying for it I turned on burpsuite to see the data requests sent, hoping to find something good for me.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1654363201182/Ryaw2XELR.jpg" alt="1654363099645.jpg" class="image--center mx-auto" />
From the picture above I get the <code>“ harga:39000 ”</code> parameter which is the initial price of the learning I want to buy. I used the repeater on burpsuite to change it and see the response I got, and this the result.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1654363325574/7eYe_ozrS.jpg" alt="1654363252779.jpg" class="image--center mx-auto" />
I changed parameter <code>“ harga:39000 ”</code> to <code>“ harga:1000 ”</code> and I got <code>“ 200 OK ”</code>. I was very happy, and when I saw my catalog the price changed.
I contacted the website admin and reported it.
<h3 id="heading-timeline">Timeline :</h3>
01 May 2022 : I reported.
01 May 2022 : Got feedback about reporting.
02 May 2022 : I got bounty from this report.
The developer gave me permission to disclose this report without mentioning them
I forgot my original goal of changing the price and buying the lessons I had changed the price for. but it’s okay for me. Maybe that’s all from me, hopefully it can be a reference for you and sorry if there are things that are not clear.

# Hi everyone!!!

It all started when I have and examination online and  wanted to study for it. But before paying for it I turned on burpsuite to see the data requests sent, hoping to find something good for me.

![1654363099645.jpg](https://cdn.hashnode.com/res/hashnode/image/upload/v1654363201182/Ryaw2XELR.jpg align="center")

From the picture above I get the `“ harga:39000 ”` parameter which is the initial price of the learning I want to buy. I used the repeater on burpsuite to change it and see the response I got, and this the result.

![1654363252779.jpg](https://cdn.hashnode.com/res/hashnode/image/upload/v1654363325574/7eYe_ozrS.jpg align="center")

I changed parameter `“ harga:39000 ”` to `“ harga:1000 ”` and I got `“ 200 OK ”`. I was very happy, and when I saw my catalog the price changed.

I contacted the website admin and reported it.

### Timeline :

***01 May 2022*** : I reported.

***01 May 2022*** : Got feedback about reporting.

***02 May 2022*** : I got bounty from this report.

**The developer gave me permission to disclose this report without mentioning them**

I forgot my original goal of changing the price and buying the lessons I had changed the price for. but it’s okay for me. Maybe that’s all from me, hopefully it can be a reference for you and sorry if there are things that are not clear.



Abubakar Sadiq Sirajo 's Blog

Abubakar Sadiq Sirajo 's Blog

PRICE TAMPARING | How I Change Price On A Website

Hi everyone!!!

Timeline :