Jump to content
Domnul.Do

[AT&T] Foreign Vendor Questionnaire

By Domnul.Do, in Bug Bounty

Recommended Posts

Domnul.Do Newbie

Domnul.Do

Posted
Posted

Rezumat:

Undeva la inceputul anului 2013 am deschis 6 incidente de securitate , deoarece nu am fost inregistrat la ei nu am primit raspuns pana acuma.

Mi-au trimis zilele trecute un raspuns pentru bug bounty-ul acumulat (o suma destul de mica pentru 6 incidente de securitate) si trebuie sa completez documentele W8-BEN si Foreign Vendor Questionnaire precum si alte inforimatii personale.

Email:

(...)

INFORMATION REQUIRED FROM INTERNATIONAL REPORTERS:

v Full Name (first, middle initial and last name)

v Current residence address

v Contact Phone Number

v W8-BEN FOR INTERNATIONAL REPORTERS, (attached) signed and filled out completely Note - Part IV fill out completely

v This form will need to be sent back electronically as well as hard copy (return address will be provided when we receive your electronic copy.)

v Foreign Vendor Questionnaire (attached)

v SWIFT Supporting Documentation

Bank Letter Confirming Routing Number / SWIFT BIC Number

Account Type checking or savings

Beneficiary Bank Name

Beneficiary Account Number

Bank info on Company Letterhead/Invoice

Contact at Bank

(...)

Problema:

Acuma problema este ca nu am avut tangenta cu formularul "Foreign Vendor Questionnaire" si nu stiu exact cum sa il completez , cateva informatii despre cum sa completez furnizate de catre ei:

2. How do I fill out Foreign Questionnaire form?

If you are an international reporter, the Foreign Questionnaire must be filled out. Please answer

questions 1-3, 5, 6 (on question 6 please put AT&T Bug Bounty payout of REF: number) and

question 7. Signed and dated.

Cer sprijinul persoanelor care au avut tangenta pentru intocmirea corecta a formularului "Foreign Vendor Questionnaire" .

Alte informatii:

Foreign Vendor Questionnaire : Foreign Vendor Questionnaire.pdf - DocDroid

dekeeu Newbie

dekeeu

Posted
Posted

Deci , iti spun cum l-am completat eu (tot pentru AT&T):

PART 1: 1-Nume,2-Romania,3-Nonresident...

PART 2: 5-Provision of labor or personal services-Performing labor or personal services exclusively outside the United States . 6-AT&T BUG BOUNTY PROGRAM ,

PART 3: 7-W8-BEN + informatiile de la sfarsitul paginii toate.

Mentionez ca inca nu l-am trimis dar cred ca o voi face maine.

Domnul.Do Newbie

Domnul.Do

Posted
  • Author
Posted
Deci , iti spun cum l-am completat eu (tot pentru AT&T):

PART 1: 1-Nume,2-Romania,3-Nonresident...

PART 2: 5-Provision of labor or personal services-Performing labor or personal services exclusively outside the United States . 6-AT&T BUG BOUNTY PROGRAM ,

PART 3: 7-W8-BEN + informatiile de la sfarsitul paginii toate.

Mentionez ca inca nu l-am trimis dar cred ca o voi face maine.

Un like nu e destul dar o multumire publica probabil: Multumesc Toshib4!

dekeeu Newbie

dekeeu

Posted
Posted

La punctul 6 sa completezi asa cum ti-au spus ei, nu cum am scris mai sus , respectiv:

AT&T Bug Bounty payout of REF: number
iar number este numarul pe care il ai in mail-ul primit de la ei. (nu de alta, dar mie mi-au dat termen in care pot trimite formularul, si ar fi urat sa pierzi niste bani pentru 1 greseala minora) .
Domnul.Do Newbie

Domnul.Do

Posted
  • Author
Posted
La punctul 6 sa completezi asa cum ti-au spus ei, nu cum am scris mai sus , respectiv:

iar number este numarul pe care il ai in mail-ul primit de la ei. (nu de alta, dar mie mi-au dat termen in care pot trimite formularul, si ar fi urat sa pierzi niste bani pentru 1 greseala minora) .

Am 6 incidente,probabil formatul o sa fie asa: AT&T Bug Bounty payout of REF:1,2,3,4,5,6

Cu alte cuvinte daca nu este precizat daca sunt mai multe ref ,ma gandesc ca este la libera alegere formatul .

Probabil toti care au trimis incidente vor primi un astfel de raspuns , cu un termen de trimite si bug bounty-ul ajunge undeva la sfarsitul anului (probabil sa poate inchide anul in "documente")

mah_one Newbie

mah_one

Posted
Posted (edited)

Domnul.Do, astia de la AT&T sunt cei mai idioti, dar nu ii depasesc pe cei de la paypal (astia sunt din alta categorie).

In fine, ideea e ca eu le-am trimis w8ben si tot ce mai trebuie si le-am dat iban, swift code, etc sa imi bage banii in contul bancar. Ei mi-au zis ca au nevoie de scrisoare de la banca cum ca tot ce am zis este adevart. Aia de la banca au ramas si ei uimiti de ce cereau astia de la AT&T....

Edited by mah_one
  • Active Members
akkiliON Collaborator

akkiliON

Posted
  • Active Members
Posted
AT&T thanks you for your Report(s). While the scope of AT&T’s Bug Bounty program during this time frame was limited to our Developer API platform only we would still like to reward you a bounty. As a result of your report(s), we would like to reward you with a bounty of $ 100.00.

Ce mult am primit ?i eu.

mah_one Newbie

mah_one

Posted
Posted

eu stau cel mai bine....:P am raportat un auth bypass in site-ul principal (reset password vulnerability)..... asta a fost de foarte mult timp si am luat 500$ si ma chinui de 1 an sa ii scot de la ei.

nacks Newbie

nacks

Posted
Posted 

 ... Decisions on future award payouts will be made at a later date.

We apologize for any inconvenience, and we sincerely appreciate your report(s).

Thank you,

AT&T Bug Bounty Team

Asta am primit pe 24.09.2013 si de atunci ... liniste !

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...