- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
You must log in or register to comment.
To clarify this is about someone identifying a vulnerability and getting $10k from Google for it
I was just thinking “maybe I can just give them my email…” but of course it isn’t that simple
I’d pay $10,000 for your email.
Fun read
This and some browsing of the public Facebook account will get you into most people’s accounts with minimal effort, social engineering is wild and made me lose interest in being a hacker growing up because it was too easy and made me uncomfortable. (I wanted to be mr robot so bad, I was delusional lol)
Remember back in the day when you could get apple users emails through a simple number incrimination in i believe the app store website?
The documentary The Hacker Wars highlighted the issue and if i remember weev went to jail for it. I probably need to rematch it again.
Also if people are interested in that kind of documentary The Internet’s Own Boy is a heartbreakingly excellent story of what the US put Allen Schwartz through.
So… Google Mail will not show me emails if their title is 2.5 million letters long? Pathetic
Nice exploit chain!
Here’s a POC of the exploit in action:
This video has been removed for violating the YouTube TOS
