https://mailing.bugbountyexplained.com/gcpssrf
This video is an explanation of a vulnerability from Google bug bounty program. The bug was blind SSRF (Server-side request forgery) and the exploitation led to leaking the service account access token. The researcher, David Nechuta was awarded $31k bounty for it.
✉️ Sign up for the mailing list ✉️
https://mailing.bugbountyexplained.com/
☕️ Support my channel by buying me a coffee ☕️
https://www.buymeacoffee.com/bountyexplained
? Get $100 in credits for Digital Ocean ?
https://m.do.co/c/cc700f81d215
✎Sign up for Pentesterlab from my referral✎
https://pentesterlab.com/referral/Vtch_7hLg32TqA
Report:
https://nechudav.blogspot.com/2020/11/31k-ssrf-in-google-cloud-monitoring.html
Reporter’s twitter:
https://twitter.com/david_nechuta
Follow me on twitter:
https://twitter.com/gregxsunday
Timestamps:
00:00 Intro
00:35 Detecting the SSRF vulnerability
02:11 Basic data exfiltration
04:46 Overcoming load-balancing
07:01 Speeding-up the process by smart regexes
08:47 Try to exploit this vulnerability yourself with hands-on labs
Add comment