🐛 A list of writeups from the Google VRP Bug Bounty program
*writeups: not just writeups
If you have or know of any Google writeups not listed in this repository, feel free to open a Pull Request. If the writeup is new, add it to the top of the list; if it is not, add it to the end.
The template to follow when adding new writeups:
- [TITLE](URL) by [NAME](TWITTER_URL)
If no Twitter account is available, try to find something similar, such as another social media page or a personal website.
David Schütz, YOUR_NAME_HERE
Thank you! 🎉
- $36k Google App Engine RCE by Ezequiel Pereira
- How I hacked Google’s bug tracking system itself for $15,600 in bounties by Alex Birsan
- XSS in GMail’s AMP4Email via DOM Clobbering by Michał Bentkowski
- $10k host header by Ezequiel Pereira
- Into the Borg – SSRF inside Google production network by Enguerran Gillier
- SSRF in Google Cloud Platform StackDriver by Ron Chan
- $7.5k Google services mix-up by Ezequiel Pereira
- Google Bug Bounty: LFI on Production Servers in “springboard.google.com” – $13,337 USD by Omar Espino
- Bypassing Google’s authentication to access their Internal Admin panels by Vishnu Prasad P G
- Creative bug which result Stored XSS on m.youtube.com by Sasi Levi
- $7.5k Google Cloud Platform organization issue by Ezequiel Pereira
- Gsuite Hangouts Chat 5k IDOR by Cameron Vincent
- $5k Service dependencies by Ezequiel Pereira
- Open redirects that matter by Tomasz Bojarski
- Google VRP : oAuth token stealing by Harsh Jaiswal
- Combination of techniques lead to DOM Based XSS in Google by Sasi Levi
- Unauth meetings access by Rojan Rijal
- Deleting/Altering All Google Cloud Budget Monitors by Cameron Vincent
- Youtube Editor XSS Vulnerability by Jasminder Pal Singh
- Google bugs stories and the shiny pixelbook by Missoum Said
- $500 getClass by Ezequiel Pereira
- Google Webmaster Markup Helper Framed Application XSS by Jasminder Pal Singh
- Voice Squatting & Voice Masquerading Attack against Amazon Alexa and Google Home Actions by ???
- Stored XSS on biz.waze.com by Rojan Rijal
- XSSing Google Code-in thanks to improperly escaped JSON data by Thomas Orlita
- Writeup for the 2019 Google Cloud Platform VRP Prize! by Missoum Said
- Blind XSS against a Googler by Rojan Rijal
- Youtube XSS Vulnerability [Stored -> Self Executed] by Jasminder Pal Singh
- How I could have hijacked a victim’s YouTube notifications! by Yash Sodha
- Bypassing Firebase authorization to create custom goo.gl subdomains by Thomas Orlita
- Multiple XSSs on hire.withgoogle.com by Rojan Rijal
- Reflected XSS in Google Code Jam by Thomas Orlita
- Auth Issues on hire.withgoogle.com by Rojan Rijal
- Waze remote vulnerabilities by PanguTeam
- Liking GitHub repositories on behalf of other users — Stored XSS in WebComponents.org by Thomas Orlita
- G Suite - Device Management XSS by Rojan Rijal
- XSS in YouTube Gaming by Ashar Javed
- Exploiting Clickjacking Vulnerability To Steal User Cookies by Jasminder Pal Singh
- Inserting arbitrary files into anyone’s Google Earth Projects Archive by Thomas Orlita
- Stored, Reflected and DOM XSS in Google for Work Connect (GWC) by Ashar Javed
- Clickjacking DOM XSS on Google.org by Thomas Orlita
- Billion Laugh Attack in https://sites.google.com by Antonio Sanso
- Again, from Nay to Yay in Google Vulnerability Reward Program! by Ahmad Ashraff
- I hate you, so I pawn your Google Open Gallery by Ahmad Ashraff
- XSRF and Cookie manipulation on google.com by Michele Spagnuolo
- Best Of Google VRP 2018 by Daniel Stelter-Gliese
- Great Bugs In Google VRP In 2016 by Martin Straka and Karshan Sharma
- Google Cloud Platform vulnerabilities by Ezequiel Pereira
- Google Paid Me to Talk About a Security Issue! by LiveOverflow
- War Stories from Google’s Vulnerability Reward Program by Gábor Molnár
- Secrets of the Google Vulnerability Reward Program by Krzysztof Kotowicz