Here's a POC of the exploit in action:
This video has been removed for violating the YouTube TOS
this post was submitted on 12 Feb 2025
351 points (97.8% liked)
Technology
62853 readers
3846 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
Sharing a video about a Google security vulnerability on Google's own platform. What would you expect?
They did disclose it to Google before, and got a bounty but it seems the moderators from YouTube didn't get the memo
When FFXIV implemented better blocking tools this past summer, there was an option when blocking a single character to block the entire service account. This would be fine, but the implementation they went with is client side, and when you select that option, you get the service account ID. Which means that if you’re blocked by someone, you can’t made an alt character to stalk/harass them. But with third party tools, we can see this account ID. The stalker could just use a new account and find the person’s account ID that they were harassing and find any alt character they have in the game. They’re changing this soon as a third party tool popped up and is now able to do this, full source code leaked so there’s no shutting it down until the game devs change how it’s done.
This sounds super similar, but the implementation that you had to do for google is crazy.
Saying full source code leaked is a little wrong.
Plugin was always open source, and all plugins for that framework are required to be open source by the framework's licensing.
Doesn't change the fact that once one person did it, the code was available for anyone, though, you're right.
Ah yea. Idk why I said leaked since it was published that way. Nice call out!
This and some browsing of the public Facebook account will get you into most people's accounts with minimal effort, social engineering is wild and made me lose interest in being a hacker growing up because it was too easy and made me uncomfortable. (I wanted to be mr robot so bad, I was delusional lol)
Remember back in the day when you could get apple users emails through a simple number incrimination in i believe the app store website?
The documentary The Hacker Wars highlighted the issue and if i remember weev went to jail for it. I probably need to rewatch it again.
Also if people are interested in that kind of documentary The Internet's Own Boy is a heartbreakingly excellent story of what the US put Arron Schwartz through.
(This was when facebook contacts would/could get added to yahoo contacts or whatever? IDK I had 100s of emails in there)
It took them 147 days to fix this?!?
To clarify this is about someone identifying a vulnerability and getting $10k from Google for it
I was just thinking "maybe I can just give them my email..." but of course it isn't that simple
I'd pay $10,000 for your email.
$10,000 and my ass eaten? Sold.
Prepare for a lot of furry porn on you inbox.
Prepare for a lot of furry scat porn in your inbox.
that's the real maricle here, an actual payout of a bounty.
...huh? Bug bounty payouts are not even remotely rare in either the industry as a whole or Google specifically.
Fun read
So.. Google Mail will not show me emails if their title is 2.5 million letters long? Pathetic
Nice exploit chain!