InfoSecBulletin Cybersecurity for mankind
The writing is first published to medium where Henry N. Caga wrote about how he find out Google’s vulnerability and achieved hall of fame recognition.
Henry N. Caga wrote I stumbled upon a discovery that sent shockwaves through my system: an XSS (Cross-Site Scripting) vulnerability lurking within one of Google’s sub-domains. This vulnerability not only revealed a potential entry point for malicious actors but also shed light on the critical importance of robust cybersecurity practices, even for tech giants like Google. This discovery led to my advancement in the Google’s Hall of Fame and a reward. Read on to find out how much Google rewards for this discovery.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
Discovery:
As a cybersecurity enthusiast, I often engage in what some might call “ethical hacking” — the search for vulnerabilities within systems with the intent to improve security. While exploring various sub-domains of popular websites, I came across an unassuming sub-domain and URL linked to Google.
This URL caught my eye:
https://aihub.cloud.google.com/url?q=https://cidadesmineradoras.com.br
At first glance, I had a gut feeling that this URL might be vulnerable.
Bug Hunting Tip #1: Always trust your instincts. If a URL seems vulnerable to you, it probably is!
I attempted to input various payloads into the ‘q’ parameter to see if I could uncover anything interesting or find a vulnerability, but unfortunately, I was unsuccessful. After trying different payloads without success, I decided to focus on my favorite XSS payload. I began tweaking and refining it.
Payload to Use: “><SvG/onload=alert(document.domain) id=hncaga>
To make this work correctly, I need to ‘URL encode’ special characters such as spaces, parentheses, etc.
The complete URL will be: https://aihub.cloud.google.com/url?q=https://cidadesmineradoras.com.br%22%3E%3CSvG/onload=alert(document.domain)%20id=hncaga%3E
Of course, this also didn’t work because this payload had already been included in my previous tests on this target URL.
What I did next was ‘URL encode’ all the characters of my payload to see if it could bypass filtering. Click here to read the full report.
