After almost a decade of being part of the online security industry, PureVPN has grown into one of the market leaders of the VPN industry. With a continuously expanding server base, server locations, compatible software, data encryption tools, authentication protocols, customer support options and payment methods, PureVPN has been relentlessly working towards delivering the best value to its users.

PureVPN's network of 550+ servers is spread across more than 145 countries, serving over 1 million users from all over the world. PureVPN’s service has proved to be a practical solution for travelers or teleworkers looking to encrypt their Internet activity on hotel, airport or other insecure public Wi-Fi, businesses that want secure remote access, people who want to avoid being on the radar of marketers, advertisers and third-party agencies, and Internet users who want their privacy to remain intact.

Targets

In scope

Our focus is on the following:
*.purevpn.com

Sensitive areas to focus on are our third-party CRM, namely WHMCS, at billing.purevpn.com, our partner API at reseller.purevpn.com/partner/api.php, and our third-party affiliate management panel "PostAffiliatePro" at billing.purevpn.com/affiliates.

Then there are custom clients (software) for Windows, Mac, iOS and Android; links can be found in the Targets area.

Lastly, there is the core service and production network, which comprises several hundred Windows-based VPN servers hosted across more than 45 countries. Servers are normally connected to from within that client software; those who wish to access the network without the software can use the host addresses listed at:

http://billing.purevpn.com/pptp_l2tp_hostname_list.php

On the server end, the RRAS Windows service and OpenVPN are installed, running on ports UDP 53 and TCP 80.

The following is considered out of scope:

  • Banner/version disclosure
  • Brute Force attacks
  • Clickjacking
  • DDOS attacks
  • CRIME/BEAST attacks
  • Issues that cannot be reproduced
  • Issues found through the use of automated tools must not be submitted as a simple copy/paste of the tool's output; a PoC and a detailed description of how the issue can affect a user's data or PureVPN's data/infrastructure must be included
  • URL redirection

Happy bounty hunting people!

Rules

This bounty follows Bugcrowd’s standard disclosure terms.

This bounty requires explicit permission to disclose the results of a submission.