Security researcher has earned a $5000 bounty from Google

A security researcher was looking at some Google services hoping to find something worth a bounty until he found a bug and got $5000 bounty.

He came across “https://login.corp.google.com” which is a simple login page that seems to be for Google employees.

He said that every time the page is reloaded, a new image from “https://static.corp.google.com” is loaded directly into the page.

An example of image URL is: “https://static.corp.google.com/corpsso/images/PICT0004.jpg”

After many tries, he was able to get the default Google 404 error, but with one difference by going to the following URL:
https://static.corp.google.com/corpsso/asd/

A feature called “Re-run query with SFFE debug trace” pointed to:
https://static.corp.google.com/corpsso/asd/?deb=trace

The debugging page contained various parts of information, providing the server name and internal IP, X-FrontEnd (XFE) HTTP requests, service policies, and other information that is related to Cloud Bigtable.

The issue was reported to Google on January 19, but a permanent fix was rolled out on March 16. Google rewarded the researcher $5,000 for this big, which is the maximum bounty of information disclosure bug. Google has spent out more than $9 million since the start of its bug bounty program in 2010, the highest single reward in 2016 was $100,000.

 

Related posts

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA

Kia Dealer Portal Vulnerability Risked Millions of Cars