Guess What? Someone just downloaded Twitter’s Vine complete source code and was paid about $10,000 for it . Seems I’m going to become a bounty hunter soon.. Hehehe.
Vine is a short-form video sharing service where people can share 6-second-long looping video clips. Twitter acquired the service in October 2012.
Indian Bug bounty hunter Avinash discovered a loop hole in vine that allowed him to download a Docker image containing complete source code of Vine without any hassle.
Launched in June 2014, Docker is a new open-source container technology that makes it possible to get more apps running on the same old servers and also very easy to package and ship programs. Nowadays, companies are adopting Docker at a remarkable rate.
However, the Docker images used by the Vine, which was supposed to be private, but actually was available publically online.
While searching for the vulnerabilities in Vine, Avinash used Censys.io – an all new Hacker’s Search Engine similar to Shodan – that daily scans the whole Internet for all the vulnerable devices.
Using Censys, Avinash found over 80 docker images, but he specifically downloaded ‘vinewww‘, due to the fact that the naming convention of this image resembles www folder, which is generally used for the website on a web server.
After the download was complete, he ran the docker image vinewww, and Bingo!
The bug hunter was able to see the entire source code of Vine, its API keys as well as third-party keys and secrets. “ Even running the image without any parameter, was letting me host a replica of VINE locally,” He wrote.
The 23-year-old reported this blunder and demonstrated full exploitation to Twitter on 31 March and the company rewarded him with $10,080 Bounty award and fixed the issue within 5 minutes.
Avinash has been an active bug bounty hunter since 2015 and until now has reported 19 vulnerabilities to Twitter.
Google pays Student $10,000 For Reporting Security Flaw
Last year, Google released a result which shows that hackers were rewarded $3 million throughout 2016. Recently, a Uruguayan student has been rewarded with $10,000 because he managed to discover a vulnerability in Google.
According to Ezequiel Pereira, he found the vulnerability when he was playing with Google services using a web security testing tool known as Burp Suite.
He was actually playing with Burp Suite to find the vulnerability, after many failed attempts, he discovered that the internal web page of yaqs.googleplex.com didn’t have the username or password check in place.
Googleplex.com hosts several Google App Engine applications.
Ezequiel Pereira wrote
“The website’s homepage redirected me to “/eng”, and that page was pretty interesting, it had many links to different sections about Google services and infrastructure, but before I visited any section, I read something in the footer: “Google Confidential
“At that point I stopped poking at the website and reported the issue right away, without even thinking of a better way to show the vulnerability than with Burp”
He also shared screenshots of the email exchanges with Google’s security team the same day. Google’s security team confirmed that the bug he reported was very effective. Pereira says he was very surprised when he received $10,000 from Google team for his work after a month.
However, Google has resolved the vulnerability and the large reward was because they found a few variants that would have allowed an attacker access sensitive data”
Have A Look At The 7 Most Beautiful Hackers In The World
She is a hacker and former playmate . An old friend of hers decided to pose on the internet as her and started taking money for doing so.
This did not go down well with her. If there was anyone who was going to be making money off her body, it was going to be her.
She came across an unauthorized website with her pictures, then she took matters into her own hands and hacked into the account herself to take them down the photos.
After the successful attempts, Cooke also used her hacking skills to help others in similar situations
She was also known as the “Hacker Fairy” to other women being taken advantage of on the Internet.
Ying teaches people the basics of hacking; things like changing your IP address or wiping Office passwords
Who doesn’t want to learn how to hack from a beautiful chic ?
She was first noticed in a Chinese Hackers’ forum post that got her noticed and created a huge fan base for her.
Her work is quite impressive as well. She’s an expert in writing hacking software and charges a lot of money for simple courses on hacking tools.
She usually makes about $2000 per month in the hacking business and for that, she certainly deserves your respect.
Kristina was a student at The New York University and is a money mule hacker.
She attempted to defraud several British and U.S. banks of millions of dollars using a Trojan horse malware. With collective team efforts, she earned a sum of more than $3 million by opening fake bank accounts and using fake passports.
Kristina was later arrested in 2011 but released after signing a bond and paying $25,000 as bail.
If she had been convicted, she could have been imprisoned for more than 40 years.
Ravel Alder is certainly s one of the most gifted and intelligent hackers who’s using her education for good use. She was the first female to give a presentation at DefCon, one of the worlds most prestigious gatherings of hackers .
She currently helps corporations protect their data and other sensitive information. She is also a consultant, lecturer and author who deals in hacking and computer security.
Kim also known as Gigabyte, the Belgium national is well known for developing many high caliber viruses that target hardwares and subsequently destroy sensitive information.
She wrote her first virus when she was 14. She wrote the viruses not to gain money but to cement her position in a group of hackers that are dominated by men. She wanted to prove to the world that women too can write viruses and can be dangerous hackers, unlike what the world knows it to be. Her virus, Sharp, is credited to being the first virus ever written in C Sharp.
Vanvaeck was later arrested when she was aged 17 but was out on bail in 24 hours due to her minor status.
Tian formed the female hacking group called “China Girl Security Team,” as she felt that there was no other outlet for teenage girls like her in the male-dominated world of hacking.
Her group has ties with some of the most notorious hacking organisations in the world and has become one of the largest Chinese-based hacking groups.
As with most well-known and outspoken groups of this nature, Tian and the rest of China Girl Security Team continue to receive attention from national and international police organizations due to their activities.
Anna was a Russian hacker who lived in New York City before she was arrested, along with nine others in 2010. She was accused of working for the Illegals Program spy ring under the Russian Federation’s external intelligence agency.
Chapman pleaded guilty to a charge of conspiracy to act as an agent of a foreign government without notifying the U.S. Attorney General, and was deported to Russia, as part of a prisoner swap. She also lost her U.S. citizenship.
Huawei prepares new processor far more powerful than Kirin 990
Fortnite to premiere a scene from Star Wars: The Rise of Skywalker next week
Blizzard is testing PvP combat mode for Diablo 4
Oppo Reno 3 Pro will be serious competition for OnePlus 7T Pro! Understand why
Next book of Game of Thrones may be near release. This is why
OnePlus 8 Lite: Video shows what the future mid-range OnePlus will look like
Nokia 2.3 is official! Meet the new ‘budget’ smartphone with Android One!
Red Dead Redemption 2 is now on Steam and the players are furious!
Xiaomi is about to launch 3 new SmartTVs! Know some details!
Samsung Galaxy S11 + will have a super battery!
Car Accident Victim Takes Selfie, Posts On Facebook With Funny Caption
Google Launches Google Search Lite To Help You Save Data
Cheap Data Plans For MTN, GLO, 9Mobile And Airtel – March 2019
Top 5 Most Anticipated 5G Smartphones You Would Definitely See In 2019
Huawei folding smartphone: News and rumors
VR Apps For Kids : The Best 5 Virtual Reality Apps For Kids
iTel P33 And iTel P33 Plus – Price And Full Specs
MTN Pulse – How To Get 1GB For N200 On MTN
Naijatechguy Approved To Run Facebook Ads
Download Default Firmware (Stock Rom) For All Tecno Devices Here
- smartphones2 weeks ago
Xiaomi Mi 10 or Xiaomi Mi Mix 4? One of them will feature this
- smartphones1 week ago
Xiaomi Mi 9 disappears from the official site. Xiaomi Mi 10 coming?
- gaming4 days ago
Mario Kart Tour is the most popular iPhone game in 2019. See the full list
- Tech2 weeks ago
Tesla Cybertruck: Dubai Police Dream of a Fleet on the Roads by 2020!
- smartphones7 days ago
Xiaomi Mi 10 Pro is confirmed by the brand CEO! It promises to surprise!
- Tech7 days ago
Google and the public choose the best of 2019 in the Play Store! Know the winners
- smartphones1 week ago
Google Stadia Command Will Dismiss Any Wired Connection by 2020
- smartphones1 week ago
iPhone 12 may bring in one of the best accessories for Apple smartphones