Home2015February

Google.com – Mobile Feedback URL Redirect Regex/Validation Flaw

Author:

February 3, 2015February 12, 2015 bbuerhaus application security, appsec, bug bounty, google, javascript, mobile, regex, research, security

Back in October of last year I discovered a JavaScript flaw on Google.com that bypassed protocol validation by abusing an if check against a URL parsed by regex. I was unable to find a way to attack this vector, but was still rewarded a bounty of $500 due to Google knowing of an active browser vulnerability that allowed them to exploit it successfully.

Continue reading →

Flickr API Explorer – Force users to execute any API request.

Author:

Brett Buerhaus

February 3, 2015February 12, 2015 bbuerhaus bounty programs, cross-site request forgery, csrf, flickr, hackerone, research, security

Flickr has a developer application section called The App Garden. Developers are able to create apps that make API calls to Flickr as an authenticated user via OAuth. I discovered a Cross-Site Request Forgery (CSRF) attack vector that allowed you to attack any user on Flickr.

Continue reading →

Brett Buerhaus

Vulnerability disclosures, puzzle write-ups, and rambles on application security.

Month: February 2015

Google.com – Mobile Feedback URL Redirect Regex/Validation Flaw

Flickr API Explorer – Force users to execute any API request.