In this video we hear the story of how Ezequiel Pereira found a critical vulnerability in Google Cloud and was awarded $164,674 in total. This is a crazy bug, because it requires so much knowledge about Google internals. We will learn about Google's Global Software Load Balancer (GSLB), BNS addresses and other Google internal tricks!
This video was sponsored by the Google Vulnerability Rewards Program: https://security.googleblog.com/2021/03/announcing-winners-of-2020-gcp-vrp-prize.html
Ezequiel's own Writeup: https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html
SRE Book: https://sre.google/books/
00:00 - Intro
00:33 - Meet Ezequiel Pereira
00:58 - The Impact Of The Bug
02:41 - Winning The $133,337 Prize!
04:03 - How To Find a Product To Research?
06:05 - How To Approach Google Products?
07:16 - The BEST Tip For Bug Hunters!
08:08 - What Does Deployment Manager Do?
09:00 - Type Providers: First Research Into Deployment Manager
11:03 - Using Type Providers for SSRF?
13:00 - Going Deeper - Finding A Hidden Version
15:01 - The Google Dogfood Version
15:52 - Discovering Internal Google Options - GSLB
17:34 - The Google SRE Book - Explaining Google's Software Load Balancer
19:34 - Exploiting GSLB?
21:58 - Failing to Exploit GSLB
22:28 - Abusing Protobuf To Find Hidden Enums
25:34 - Google API gRPC/Protobuf Tricks
29:11 - SUCCESS! Attacking Google's Network via GSLB SSRF!
30:34 - Summary
-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join