Hacking into Google's Network for $133,337

Published on ● Video Link: https://www.youtube.com/watch?v=g-JgA1hvJzA



Duration: 31:32
1,057,320 views


In this video we hear the story of how Ezequiel Pereira found a critical vulnerability in Google Cloud and was awarded $164,674 in total. This is a crazy bug, because it requires so much knowledge about Google internals. We will learn about Google's Global Software Load Balancer, BNS addresses and other secret Google tricks!

This video was sponsored by the Google Vulnerability Rewards Program:
https://security.googleblog.com/2021/03/announcing-winners-of-2020-gcp-vrp-prize.html

Ezequiel's own Writeup: https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html
SRE Book: https://sre.google/books/

GCP Prize 2020: https://www.youtube.com/watch?v=J2icGMocQds

00:00 - Intro
00:33 - Meet Ezequiel Pereira
00:58 - The Impact Of The Bug
02:41 - Winning The $133,337 Prize!
04:03 - How To Find a Product To Research?
06:05 - How To Approach Google Products?
07:16 - The BEST Tip For Bug Hunters!
08:08 - What Does Deployment Manager Do?
09:00 - Type Providers: First Research Into Deployment Manager
11:03 - Using Type Providers for SSRF?
13:00 - Going Deeper - Finding A Hidden Version
15:01 - The Google Dogfood Version
15:52 - Discovering Internal Google Options - GSLB
17:34 - The Google SRE Book - Explaining Google's Software Load Balancer
19:34 - Exploiting GSLB?
21:58 - Failing to Exploit GSLB
22:28 - Abusing Protobuf To Find Hidden Enums
25:34 - Google API GRPC/Protobuf Tricks
29:11 - SUCCESS! Attacking Google's Network via GSLB SSRF!
30:34 - Summary

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Instagram: https://instagram.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/







Tags:
Live Overflow
liveoverflow
hacking tutorial
how to hack
exploit tutorial
google
bns address
gslb
google cloud platform
app engine
deployment manager
type provider
google cloud
gcloud
appengine
dogfood
bug bounty
bugbounty
1337
google vrp
vulnerability reward