As someone who mostly works with networks, I got unreasonably excited for the DHCP exploit. Rogue DHCP servers are fun!

Using openssl to generate a shared library blew my mind ... wow

I'm an c dev (kernel dev), and I watch your videos for the exact reason you hope for. I've used some knowledge from your video to report potential exploits in our code.

The video editing you did was great. I liked the split screen with camera on the left and screen recording on the right. Also how you animated the chat bubble to move left at 07:46, so that one does not have to rewind the video if one wants to read the whole text.

Glad to see you talking about web apps after so long

I really enjoy these videos! As a software engineer who just migrated my company from linode to GCP though, sometimes I feel less secure letting google handle certain things for me. But I also know they have a lot more people working on that product so I would assume that they would resolve things much quicker than at a smaller shop. I also wanted to say I really appreciate you put links to the write ups in the description!

Thanks!

The #1 winning submission writeup is linked in the description, I just read it and it's unbelievable how clear it is. You guys should check it out

Best channel availiable in youtube by far, keep this up bro!

Next video: Discovering a 0-Day RCE on Google servers to play Minecraft on it

this was such fun to watch, and really motivating, thanks a lot for sharing!

Yay, normal videos are back :) Missed it!

This was fascinating, it’s making me think of getting into security

Not too many people can talk so emotionally and, at the same time, informatively about such things.

Love how many of the prices are a variation of 1337. There are too many that this could be a coincidence :D

I'm felling this rewards are too low. One single intruder can cause a havoc inside a company, and even more, if you are dealing with Google Cloud, you will allowed to invade a lot of companies. The cost will be around millions, for sure. And Google rewards with 1,2,5 thousands? Too low. It will be more profitable to go the other side.

Great stuff as always! You always looked like someone famous to me, but I couldn't quite put my finger on it...until last night when I watched a movie with Michael Cera in it. You're literally the German Michael Cera 🤣

fr stay on the grind

This isn't Minecraft

15:34 doesn't it write "3133.70 as a reward" in this post? You said previous exploiter was rewarded 3313.70

Where is my Minecraft video? 😢

thank you for sharing your knowledge \o/ appreciated

Honest video.

Your face is slowly upgrading into Mr Robot Look alike 😂😂

now i will learn Kubernetes and do some exploits this videos was very cool now i am all fired up 😁

When you'll organize a CTF?

this stuff is so cool, i cant wait for my 12th grade exams to get over so I can start learning

i m learning about crypto stuff (aes, certificates, etc) and putting the malware in the serial number is just... usually that number must be unique inside the CA, so when you request to a CA for signing it is them who create the serial number... of couse, if you have a signed certificate (for your website, app, etc), you can use that to sign things like: documents, sofware, or you own certificate. im actually surprised openssl dont limit the length of the serial number, unless for no-root-CA-signed certificates,

How can u use this to access cashapps mobile payments network?

talk about follina pls!

Why that specific limit on price

Why not filter DHCP packets - at least cross tenants.. why would the GCP allow it?

Ballpoint or regular

This is better than Minecraft videos

Something about hacking Google. U got my view, very interesting

15:35 you should use a "," not a "."

done dikit&tamsak boss diskarte moto

But is it pronounced Kubernetes or Kubernetes 🤔

Do a vid on azure.. you'll be in their machines with root within 5mins 😂

You're german right? I think I hear it from your voice

Really cool

This video looks like it's stretched sideways.

I can’t get it, you consider yourself a security expert, but why you closed yourself in closed source ecosystem?

4:45 this is WHAT it looks like. when you say: this is how it looks like. It is translated too literally from German. We have the same problem in Dutch.

is Google paying you for looking up these same CVE's in their business?

i did not understand anything but i felt it was awesome xD

Hi, ich mag deine Videos, vielen Dank für deine Mühe. Was ich nicht verstehe, wieso deine Videos scheinbar bei KZbin unproblematisch sind und die anderer CyberSec KZbinr, die nichts zeigen was Hacking wäre, geblockt werden, wie zuletzt bei Florian Dalwigk. Ich verstehe es einfach nicht.

when did he do a face reveal?

I don't understand any of this gibberish . How can I understand this new found knowledge ?

It's not pronounced "ist i o" but "istio" which basically means "sail" in Greek.

shodan dataflow :/

need to make that mic louder

here we go again

where minecraft

cool

def

Short answer: Yes, you can

Wow. Google does not pay a lot out. I'd just sell it on a zero day market.

>accessing Google cloud using browser

💘💘💘💘💘💘💘💘💘 more videos like this

Offcourse ask your Chinese friends. They have access to all Google cloud machines.

I thought this was a Minecraft channel now

This used to be a cool Minecraft channel.

where the hell are my minecraft videos

hi iam danny i want edius x crack keygen pl

This is comment number 70

Got KZbin hacked? My comment is gone. 🤔

wtf that RCE compensate about 100k$ from a trillion dollar company. kudos to all hunters for their effort.

21:31

w i d e

Either say "What the attack would look like." or "How the attack would look. There is NO "how something looks like." how it looks. or what it looks like.

the 5K guy... it cost him more time/money to write just a documentation, then the price itself. kids, this is called intellectual prostitution plz don't do this.

We need more from Minecraft series

-mine-*craft*

It's pronounced "IS-TIO" man, not IST-I-O.

No

U r getting old 🥺

He's just talking shit about what other hackers did. But the truth is he can't hack shit.

Fun fact: $31.337 translates to "eleet" in leetspeak.

I watch this while doing overthewire wargames

1337 000 is an interesting number, it spells leet