Sunday, February 12, 2012

The Google Dilemma

It's been a month now since I took my new year resolution of blogging more often, and it's apparent from my actions how those new year resolutions wind up. lol. This year is pretty different though; a lot has happened and a lot of things are happening to me. Some good, some bad and some "ironic".
Let's talk about the good parts and leave the bad parts for me to mug upon. :P
The good thing is that I made it into the Google hall of fame for reporting 6 clickjacking vulnerabilities in their web products, with 2 other guys, sunny rockzzs and Aditya Gupta. Unfortunately they didn't pay us anything :( coz the vuln depended too much upon the attack vector. But getting onto the hall of fame page was a good moment for me.
I was also able to make it into Apple's security researchers list. This was pretty controversial, as the vulnerability we submitted had already been submitted by a 16 yr old German kid, Cim Stordal. So we all were credited for finding the vuln, which for Cim was a little annoying. Getting into the Apple hall of fame was the second best thing this year :) Also found many more bugs in many other web applications.

But one interesting thing happened almost unknowingly: we found a bug in Gmail. At first sight it looked like a simple XSS (non-persistent), so we submitted our bug report to the Google security team. They responded very promptly; after the initial analysis of the bug it turned out that there wasn't any problem with Gmail. The bug was actually a browser bug, so the Google guy filed a private bug in the Chromium project. We were very happy and all for finding a browser bug, that too in Chrome :P. But after the analysis of the bug by the Chromium security team it turned out that there wasn't a problem with the Chrome browser; the bug actually existed in the WebKit engine. That means all the browsers powered by the WebKit engine would be vulnerable to this attack. We tried it on Safari and it worked.
Yeppiii!! We got a WebKit bug!
So now what we have is an XSS which turned out to be a browser bug, which later turned out to be a WebKit bug; what are the odds of that. lol. We are happy for what we have found out unknowingly :P. But the sad part is that we would be credited neither by the Google security team nor by the Chromium security team; forget the money, they won't even mention our names. :( The WebKit open source project, as per my knowledge, doesn't offer any credits or monetary reward for bugs. They will fix the bug and will mail us the link for downloading the latest nightly build, and we have to check if the fix is working properly or not. We still don't know whether we will be credited or not, but we should be credited, as the bug we found did help in making the browser more secure.
I will be discussing more about the bug that we found once it's patched. (Ethics :P)

signed off-
Dev Kar
