[SDwdasq]

Hi guys, I need money urgently. I tried everthing (believe me) i can do and failed. Hacking
seems to the only way left for me.
I use Fiddler well enought to find vulnerabilities on websites. For example, a china online
shopping website have payment vulnerability, i can change the payment amount (to zero e.g.)
before real payment and order goes well.
So i wonder,maybe i can make money from it? But i don't want to do that, i hack, not rob.
Maybe I can sell the vulnerability to someone?
I need advice, should i do that? and how?
And is there anything else can i do to make money quickly?

[mothered]

It depends on the nature and scale of the website.

Some companies offer rewards for vulnerabilities found, so If It were myself, I'd be researching those that do and work on that.

[SDwdasq]

thank you bro
Maybe i should contact them and see what i can do.

[mothered]

thank you bro
Maybe i should contact them and see what i  can do.

Try and negotiate with those that offer a reward.

Their aim Is to give the absolute minimum.

[Kludge]

I'm with mothered on this one. Get involved in bug bounty programs. Facebook and Google both have robust bug hunting programs, but you have to let them know you're doing it by signing up for them. You can also grey hat I suppose and anonymously let a company/site know you have discovered a bug of a certain nature and would be happy to part with the technical info for a fee.
Be careful with that second way of doing things. It requires a great amount of tact and persuasive abilities.

[Sartux]

Yeah bug bounties are a great way of making cash. Just make sure you are very professional and don't try and blackmail them as it just pisses them off. At the end of the day, unless its a big website (like facebook etc.) they can just take the site down whilst they fix all the vulns so you can't really blackmail them into it.

Also they will try to make you tell them all the steps to find the vuln before they give you money, and then just find it themselves and not give you anything.