Could I Hack into Google Cloud?
127.8 هزار بار بازدید -
2 سال پیش
-
Google announced the Google Cloud
Google announced the Google Cloud Platform (GCP) Prize 2021 - 133.337$ for the best bug bounty report for the Google Cloud Platform. Reading writeups is important to stay up to date and learn about different attacks. In this video I go over the 6 winners and share my thoughts.
This video is sponsored by Google.
The announcement: https://security.googleblog.com/2022/...
Winning submissions:
#1 https://www.seblu.de/2021/12/iap-bypa... ($133,337)
#2 https://github.com/irsl/gcp-dhcp-take... ($73,331)
#3 https://mbrancato.github.io/2021/12/2... ($73,331)
#4 Medium: the-speckle-umbrella-story-part-2 ($31,337)
#5 https://lf.lc/vrp/203177829 ($1001)
#6 https://docs.google.com/document/d/1-... ($1000)
GCP Prize 2020: Hacking into Google's Network for $13...
GCP Prize 2019: $100k Hacking Prize - Security Bugs i...
Google Paid Me to Talk About a Security Issue! Google Paid Me to Talk About a Securi...
Fuzzing Java to Find Log4j Vulnerability - CVE-2021-45046 Fuzzing Java to Find Log4j Vulnerabil...
----
00:00 - Intro GCP Prize 2021
01:05 - 6. "Command Injection in Google Cloud Shell" by Ademar Nowasky Junior
03:36 - 5. "Remote code execution in Managed Anthos Service Mesh control plane" by Anthony Weems
08:31 - 4. "The Speckle Umbrella story — part 2" by Imre Rad
11:33 - 3. "Remote Code Execution in Google Cloud Dataflow" by Mike Brancato
15:47 - 2. "Google Compute Engine VM takeover via DHCP flood" by Imre Rad
20:12 - 1. "Bypassing Identity-Aware Proxy" by Sebastian Lutz
22:42 - Summary and Conclusion
23:58 - Outro
=[ ❤️ Support ]=
→ per Video: Patreon: liveoverflow
→ per Month: @liveoverflow
=[ 🐕 Social ]=
→ Twitter: Twitter: LiveOverflow
→ Instagram: Instagram: LiveOverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: Reddit: LiveOverflow
→ Facebook: Facebook: LiveOverflow
This video is sponsored by Google.
The announcement: https://security.googleblog.com/2022/...
Winning submissions:
#1 https://www.seblu.de/2021/12/iap-bypa... ($133,337)
#2 https://github.com/irsl/gcp-dhcp-take... ($73,331)
#3 https://mbrancato.github.io/2021/12/2... ($73,331)
#4 Medium: the-speckle-umbrella-story-part-2 ($31,337)
#5 https://lf.lc/vrp/203177829 ($1001)
#6 https://docs.google.com/document/d/1-... ($1000)
GCP Prize 2020: Hacking into Google's Network for $13...
GCP Prize 2019: $100k Hacking Prize - Security Bugs i...
Google Paid Me to Talk About a Security Issue! Google Paid Me to Talk About a Securi...
Fuzzing Java to Find Log4j Vulnerability - CVE-2021-45046 Fuzzing Java to Find Log4j Vulnerabil...
----
00:00 - Intro GCP Prize 2021
01:05 - 6. "Command Injection in Google Cloud Shell" by Ademar Nowasky Junior
03:36 - 5. "Remote code execution in Managed Anthos Service Mesh control plane" by Anthony Weems
08:31 - 4. "The Speckle Umbrella story — part 2" by Imre Rad
11:33 - 3. "Remote Code Execution in Google Cloud Dataflow" by Mike Brancato
15:47 - 2. "Google Compute Engine VM takeover via DHCP flood" by Imre Rad
20:12 - 1. "Bypassing Identity-Aware Proxy" by Sebastian Lutz
22:42 - Summary and Conclusion
23:58 - Outro
→ per Video: Patreon: liveoverflow
→ per Month: @liveoverflow
→ Twitter: Twitter: LiveOverflow
→ Instagram: Instagram: LiveOverflow
→ Blog: https://liveoverflow.com/
→ Subreddit: Reddit: LiveOverflow
→ Facebook: Facebook: LiveOverflow
2 سال پیش
در تاریخ 1401/03/13 منتشر شده
است.
127,819
بـار بازدید شده