Saturday, February 25, 2012

I’M IN GOOGLE HALL OF FAME!

Finally, after a long-awaited time, I made it to the Google Security Hall of Fame under honorable mention.
On 1 November 2010, Google launched a Vulnerability Reward Program for Google web properties.

Any Google web properties which display or manage highly sensitive authenticated user data or accounts may be in scope. Some examples could include:

*.google.com
*.youtube.com
*.blogger.com
*.orkut.com


A few weeks back, we (Subho Halder, Aditya Gupta and Dev Kar) reported 6 clickjacking bugs in many Google products, and made a nice POC of all of them.
The X-Frame-Options header was missing from some of the important Google products, such as Translate, Scholar and many more.

Using the bug, a user’s status could be updated automatically, without the user coming to know about it. Google guys responded promptly, and put us in their Hall of Fame – Honorable Mention for the report.

Google Security Hall of Fame
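The missing X-Frame-Options header described above is something a site owner can check for in their own responses. The following is an added example, not part of the original post or the reported POC: the function name `audit_framing`, the verdict labels and the sample responses are constructed for illustration, and the check also covers the CSP `frame-ancestors` directive, which goes beyond the header the post names.

```python
def audit_framing(headers):
    """Classify framing protection from a list of (name, value) header pairs."""
    xfo, policies = set(), []
    for name, value in headers:
        name = name.lower()
        if name == "x-frame-options":
            # Repeated headers and comma-joined values are pooled together.
            xfo.update(t.strip().upper() for t in value.split(",") if t.strip())
        elif name == "content-security-policy":
            for directive in value.split(";"):
                parts = directive.split()
                if parts and parts[0].lower() == "frame-ancestors":
                    policies.append([p.lower() for p in parts[1:]])

    def loose(sources):
        # A wildcard or bare scheme lets any site frame the page.
        return any(s in ("*", "http:", "https:") for s in sources)

    if policies:
        # Every policy is enforced, so one strict frame-ancestors is enough.
        strict = [p for p in policies if not loose(p)]
        if strict:
            return "protected", "CSP frame-ancestors " + " ".join(strict[0])
        return "weak", "CSP frame-ancestors allows any origin"
    if not xfo:
        return "missing", "no X-Frame-Options or CSP frame-ancestors"
    if xfo in ({"DENY"}, {"SAMEORIGIN"}):
        return "protected", "X-Frame-Options: " + next(iter(xfo))
    if any(v.startswith("ALLOW-FROM") for v in xfo):
        return "weak", "ALLOW-FROM is obsolete; use CSP frame-ancestors"
    return "weak", "invalid or conflicting X-Frame-Options: " + ", ".join(sorted(xfo))


# Constructed sample responses (not captured from any real site).
SAMPLES = {
    "no framing header": [("Content-Type", "text/html")],
    "sameorigin": [("X-Frame-Options", "SAMEORIGIN")],
    "obsolete allow-from": [("X-Frame-Options", "ALLOW-FROM https://example.com")],
    "csp none": [("Content-Security-Policy", "default-src 'self'; frame-ancestors 'none'")],
    "csp wildcard": [("Content-Security-Policy", "frame-ancestors *")],
}

if __name__ == "__main__":
    for label, hdrs in SAMPLES.items():
        print(label, "->", audit_framing(hdrs))
```

A "missing" verdict corresponds to the condition reported in the post: the response can be loaded inside a frame on any other site.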

Google Clickjacking POC

Thanks Google


Signed off:-Dev Kar
