
A small question


Hi RST!

I recently started looking for vulnerabilities in web applications.

I have a PayPal account to which I have NOT attached any card. Can I use the account to pay online / transfer money to someone?

I found a vuln in Google where an error appears that makes you click somewhere, and it downloads the virus (stealer/RAT/etc.).

How much do you think they pay for something like this? :D

//edit: I sent censored screenshots to Google and told them to contact me for more details. Do you think they'll pay any attention to me?

Edited by tudor13mn13

1) As far as I know, every PayPal payment method requires you to have your card attached (or some card or other).

2) If 6 out of 10 sites found have that "bug", you'll make a cartload of money.

2.1) Google will detect the "bug" and, luckily for you, will pay you.

2.2) You can sell that bug for $ to people interested in it.

3) If not, good for you.

4) The END! :)

With Google you don't need to tell them to contact you for more details; they'll contact you anyway to tell you whether there's a reward or not, and they don't pay into a PayPal account.. :)


It depends on the situation; if it's something serious they'll most likely reply the next day.

But what address did you send the email to?

It has to be sent to this address, security@google.com, and shortly afterwards you get a confirmation message by email, something like:

Thanks for the vulnerability report. This email confirms we've received your message. We'll investigate and get back to you once we've got an update.
Cheers,
Google Security Bot

Report Details

Email Subject:
Category:
Product:
Cid:

And when they pick it up, you'll get this:

Hey - Just letting you know that your report was triaged and we're currently looking into it. You should receive a response in a couple of days, but it might take up to a week if we're particularly busy.

Thanks,
Google Security Team

Edited by poq

Wait, what form did you have to fill in?

Normally when you get the confirmation there's no form to fill in...

So I sent an email to security@google.com

-I got an automatic reply telling me to go to https://www.google.com/appserve/security-bugs/new?rl=

-I filled it in there, and also included an uncensored screenshot in which the link is visible

The problem is this:

When they see that I sent the uncensored screenshot, will they take me for a sucker and I'll get nothing, or will they reply and ask me how to reward me?

Look at this:


Ah, you sent an email directly to security@google.com; I forgot to mention that you have to fill in the form here: goo.gl/vulnz.

They'll reply to you, whether it's something or not.

You got that because you sent an email directly and not through the form.

*** IMPORTANT - PLEASE READ ***
Hello
If you are reporting a security vulnerability in one of our products, we strongly urge you to click here (https://www.google.com/appserve/security-bugs/edit?rl=i7nnn46n988ainrhwsnyozxq) to provide us with some additional information needed to process and prioritize your report. You will be able to expedite urgent or high-severity reports.
NOTE: If you are not reporting a legitimate security vulnerability in one of our services, you won't receive a response and we'll be unable to take action on your message.
Solutions to common non-vulnerability problems:

- For account hijackings, please go here for Youtube (http://www.google.com/support/youtube/bin/answer.py?answer=76187), and here for Google Accounts (http://www.google.com/support/accounts/bin/answer.py?answer=117219) (including Gmail).
- For other problems with account security in Gmail (http://mail.google.com/support/bin/topic.py?topic=12784), Youtube (http://www.google.com/support/youtube/bin/topic.py?topic=13044) or Checkout (http://checkout.google.com/support/bin/answer.py?answer=42821&topic=8942).
- For requests to remove content in Search (http://www.google.com/support/bin/topic.py?topic=360), Streetview (http://www.google.com/help/maps/streetview/privacy.html), Maps (http://maps.google.com/support/bin/answer.py?answer=98014), Youtube (http://www.google.com/support/youtube/bin/answer.py?answer=178909), Orkut (http://help.orkut.com/support/bin/answer.py?answer=57444&topic=10310), Blogger (http://www.google.com/support/blogger/bin/answer.py?topic=12468&answer=76315), or any other product (http://www.google.com/security.html).
- To report malware (http://www.google.com/safebrowsing/report_badware/) or phishing (http://www.google.com/safebrowsing/report_phish/) sites, or inappropriate or malicious advertisements (http://adwords.google.com/support/aw/bin/request.py?display=feedback).
- For scams (http://www.google.com/support/accounts/bin/topic.py?topic=14146), including fake lotteries and job offers.

For anything else, please go to our Google Support (http://www.google.com/support/) page as our team won't be able to help you. If you do not wish to complete our online form, simply ignore this message to have your original email entered into our system without additional details. This option is not recommended and may lead to delays in processing your report.
Regards,
Google Security Team

But now that you've filled it in there it's OK; wait for them to reply.

Edited by poq
But you still haven't cleared it up for me :)) If I gave them the uncensored screenshot, and they see the link, will they fix it and I get nothing? Or will they reply, thank me and pay me?

And do they pay via PayPal?


If there really is a problem there, they'll reply to you; don't worry, they don't play games by fixing it and not replying to you. Even if it isn't a problem, they'll still tell you why you didn't qualify for a reward. If they tell you

"Hi ****,

Nice catch! I’ve filed a bug and will update you once we’ve got more



*****, Google Security Team"

then you're on the right track for now.

They don't send the money via PayPal, only bank transfer.


Give us the bug too, man! You play the smart guy and send it to Google so they give you money, what a beggar you are :) I'll give you money for it if it's good; post it here so we can see it too. What do you expect, that they'll hire you or give you a few thousand just because you found a bug?

Damn, what a nation these Romanians are...

Post it here, since it's us you deal with anyway!
