Could I Hack into Google Cloud?

Views: 127,698

LiveOverflow

1 day ago

Google announced the Google Cloud Platform (GCP) Prize 2021: $133,337 for the best bug bounty report for the Google Cloud Platform. Reading writeups is important to stay up to date and learn about different attacks. In this video I go over the 6 winners and share my thoughts.
This video is sponsored by Google.
The announcement: security.googleblog.com/2022/...
Winning submissions:
#1 www.seblu.de/2021/12/iap-bypa... ($133,337)
#2 github.com/irsl/gcp-dhcp-take... ($73,331)
#3 mbrancato.github.io/2021/12/2... ($73,331)
#4 / the-speckle-umbrella-s... ($31,337)
#5 lf.lc/vrp/203177829 ($1001)
#6 docs.google.com/document/d/1-... ($1000)
GCP Prize 2020: • Hacking into Google's ...
GCP Prize 2019: • $100k Hacking Prize - ...
Google Paid Me to Talk About a Security Issue! • Google Paid Me to Talk...
Fuzzing Java to Find Log4j Vulnerability - CVE-2021-45046 • Fuzzing Java to Find L...
----
00:00 - Intro GCP Prize 2021
01:05 - 6. "Command Injection in Google Cloud Shell" by Ademar Nowasky Junior
03:36 - 5. "Remote code execution in Managed Anthos Service Mesh control plane" by Anthony Weems
08:31 - 4. "The Speckle Umbrella story - part 2" by Imre Rad
11:33 - 3. "Remote Code Execution in Google Cloud Dataflow" by Mike Brancato
15:47 - 2. "Google Compute Engine VM takeover via DHCP flood" by Imre Rad
20:12 - 1. "Bypassing Identity-Aware Proxy" by Sebastian Lutz
22:42 - Summary and Conclusion
23:58 - Outro
=[ ❤️ Support ]=
→ per Video: / liveoverflow
→ per Month: / @liveoverflow
=[ 🐕 Social ]=
→ Twitter: / liveoverflow
→ Instagram: / liveoverflow
→ Blog: liveoverflow.com/
→ Subreddit: / liveoverflow
→ Facebook: / liveoverflow

Comments: 125

@-..._-. (2 years ago)
Y'know I like the Minecraft videos but it's nice to see this kind of video again.
@liquidmagma0 (2 years ago)
yup both cool and entertaining
@charlc (2 years ago)
Using openssl to generate a shared library blew my mind ... wow
@ChillerDragon (2 years ago)
Ironic that the tool used for encryption (basically security) has such a wide range of features which could all be used as an attack vector
@thelegalsystem (2 years ago)
As someone who mostly works with networks, I got unreasonably excited for the DHCP exploit. Rogue DHCP servers are fun!
@Jagnathbaba (2 years ago)
Yes. Additionally, this bug is inherent to a core protocol that everyone uses.
@seanvinsick5271 (2 years ago)
I'm a C dev (kernel dev), and I watch your videos for the exact reason you hope for. I've used some knowledge from your videos to report potential exploits in our code.
@pajeetsingh (2 years ago)
C code base? Miss them. Must be network, right?
@MemoryOfLife (2 years ago)
Next video: Discovering a 0-Day RCE on Google servers to play Minecraft on it
@GlassHouseAdventures (2 years ago)
I really enjoy these videos! As a software engineer who just migrated my company from Linode to GCP though, sometimes I feel less secure letting Google handle certain things for me. But I also know they have a lot more people working on that product, so I would assume that they would resolve things much quicker than at a smaller shop. I also wanted to say I really appreciate that you put links to the write-ups in the description!
@es2397 (2 years ago)
The video editing you did was great. I liked the split screen with camera on the left and screen recording on the right. Also how you animated the chat bubble to move left at 07:46, so that one does not have to rewind the video if one wants to read the whole text.
@shantanusharma5624 (2 years ago)
Glad to see you talking about web apps after so long
@Wyvernnnn (2 years ago)
The #1 winning submission write-up is linked in the description. I just read it and it's unbelievable how clear it is. You guys should check it out
@bettercallmepol3493 (2 years ago)
Best channel available on YouTube by far, keep this up bro!
@ahmedifhaam7266 (1 year ago)
this was such fun to watch, and really motivating, thanks a lot for sharing!
@DoubleOhSilver (2 years ago)
This was fascinating, it's making me think of getting into security
@uaBArt (2 years ago)
Where is my Minecraft video? 😢
@uaBArt (2 years ago)
btw, great video, thanks
@Veso266 (2 years ago)
Yea, I miss Minecraft
@davbj7707 (2 years ago)
You forgot to mention "I use Arch btw".
@meqativ (2 years ago)
Me when
@ronanru (2 years ago)
This isn't Minecraft
@Ma_X64 (2 years ago)
Not too many people can talk so emotionally and, at the same time, informatively about such things.
@danikrimm99 (2 years ago)
Love how many of the prizes are a variation of 1337. There are too many for this to be a coincidence :D
@JuanBotes (2 years ago)
thank you for sharing your knowledge \o/ appreciated
@body_building_edits (1 year ago)
fr stay on the grind
@ari_archer (2 years ago)
Yay, normal videos are back :) Missed it!
@d4veg (1 year ago)
Thanks!
@wrench2474 (2 years ago)
Now I will learn Kubernetes and do some exploits. This video was very cool, now I am all fired up 😁
@jpierce2l33t (2 years ago)
Great stuff as always! You always looked like someone famous to me, but I couldn't quite put my finger on it... until last night when I watched a movie with Michael Cera in it. You're literally the German Michael Cera 🤣
@arantes6 (2 years ago)
I didn't know the name of that actor, but I literally guessed which actor you were talking about just because you said he looked like him 🤣
@felix-dk9tr (2 years ago)
Ed Sheeran
@ytg6663 (2 years ago)
Your face is slowly upgrading into a Mr Robot lookalike 😂😂
@ytg6663 (2 years ago)
@bezosphere turning* 🙄
@P-G-77 (1 year ago)
Honest video.
@chihuhahuana4863 (2 years ago)
this stuff is so cool, I can't wait for my 12th grade exams to get over so I can start learning
@danielhemmati (2 years ago)
Really cool
@coffee-is-power (2 years ago)
talk about Follina pls!
@DoubleOhSilver (2 years ago)
This is better than Minecraft videos
@berndeckenfels (2 years ago)
Why not filter DHCP packets, at least across tenants? Why would GCP allow it?
@Kabup2 (2 years ago)
I'm feeling these rewards are too low. One single intruder can cause havoc inside a company, and even more: if you are dealing with Google Cloud, you will be allowed to invade a lot of companies. The cost will be around millions, for sure. And Google rewards with 1, 2, 5 thousand? Too low. It will be more profitable to go to the other side.
@infiniti2011 (2 years ago)
More profitable, yes. Better, no. The whole reason white hat hackers exist is due to the inherent risk in black hat hacking. Yes, it's more profitable, but chances are there will be repercussions.
@accentor713 (2 years ago)
Ik that's pennies for a trillion dollar company
@Kabup2 (2 years ago)
@infiniti2011 Until now, the repercussions are minimal. Cybercrime already is the 2nd most profitable crime in the world, behind drugs only. I bet black hats are paying way better to learn about a security issue with Google Cloud. Google needs to step up, and prioritize security.
@infiniti2011 (2 years ago)
@Kabup2 Yes, but chances are maybe you won't get caught. But guess what, if you do, you're screwed. Look at Ross Ulbricht. He was sentenced extremely harshly, because they were making an example. If you're dealing with a massive billion dollar tech company, they'll probably have the resources, time, and money to absolutely make your life hell, and it helps set a precedent for people who try to hack Google like that. Those are just my thoughts.
@LiveOverflow (2 years ago)
I don't think it's more profitable. I'm not sure if the bugs shown here in particular are that interesting for a blackhat campaign. They might be too noisy or the impact just a bit too low.
@TheStruders (2 years ago)
Do a vid on Azure.. you'll be in their machines with root within 5 mins 😂
@IrrationalDelusion (2 years ago)
15:34 doesn't it say "3133.70 as a reward" in this post? You said the previous exploiter was rewarded 3313.70
@terrabys (1 year ago)
When will you organize a CTF?
@lPlanetarizado (1 year ago)
I'm learning about crypto stuff (AES, certificates, etc.) and putting the malware in the serial number is just... usually that number must be unique inside the CA, so when you request signing from a CA it is them who create the serial number... of course, if you have a signed certificate (for your website, app, etc.), you can use that to sign things like documents, software, or your own certificate. I'm actually surprised openssl doesn't limit the length of the serial number, unless for non-root-CA-signed certificates.
@AviPars (2 years ago)
Why that specific limit on price
@thename2144 (4 months ago)
How can u use this to access cashapps mobile payments network?
@spencerblackburn7670 (2 years ago)
Something about hacking Google. U got my view, very interesting
@spencerblackburn7670 (2 years ago)
Okay this could literally be a video resume?
@villasoma9869 (2 years ago)
I did not understand anything but I felt it was awesome xD
@ChillerDragon (2 years ago)
this channel in a nutshell
@lorenzcyber (2 years ago)
here we go again
@medul8039 (2 years ago)
cool
@AviPars (2 years ago)
Ballpoint or regular
@haponnahilawvlogs (2 years ago)
done dikit&tamsak boss diskarte moto
@garfieldkart (2 years ago)
def
@SaganE7 (2 years ago)
when did he do a face reveal?
@accdiabolus (2 years ago)
Hi, I like your videos, thank you for your effort. What I don't understand is why your videos are apparently unproblematic on KZbin while those of other CyberSec KZbinrs, who show nothing that would count as hacking, get blocked, as most recently with Florian Dalwigk. I just don't understand it.
@diegomastro5681 (2 years ago)
He's sponsored by Google
@LiveOverflow (2 years ago)
The thing with Florian was a mistake and it has been fixed again. Mistakes happen, unfortunately more often with this topic, but we always get it corrected ;)
@accdiabolus (2 years ago)
@LiveOverflow Thank you.
@floredebosscher8574 (2 years ago)
But is it pronounced Kubernetes or Kubernetes 🤔
@MemoryOfLife (2 years ago)
I think it's Kubernetes, Kubernetes doesn't sound very good
@SF-eg3fq (2 years ago)
🤔
@Fahodinho (2 years ago)
15:35 you should use a "," not a "."
@zooi. (2 years ago)
this differs per country
@Doninhas (2 years ago)
It's not pronounced "ist i o" but "istio", which basically means "sail" in Greek.
@plushplush7635 (2 years ago)
shodan dataflow :/
@accentor713 (2 years ago)
100k sounds cheap for a trillion dollar company
@AnonYmous-spyonmepls (2 years ago)
at least they don't lie about it being an RCE like so many others who downplay the impact
@compidev (2 years ago)
You're German, right? I think I hear it from your voice
@georgehammond867 (2 years ago)
is Google paying you for looking up these same CVEs in their business?
@billymonday8388 (2 years ago)
need to make that mic louder
@hypercrack7440 (2 years ago)
Short answer: Yes, you can
@Nihillius (2 years ago)
💘💘💘💘💘💘💘💘💘 more videos like this
@alarmingly_good (2 years ago)
This is comment number 70
@31redorange08 (2 years ago)
Got KZbin hacked? My comment is gone. 🤔
@mkdir699 (2 years ago)
This used to be a cool Minecraft channel.
@zedfalcon6972 (2 years ago)
w i d e
@monKeman495 (2 years ago)
wtf, that RCE compensates about $100k from a trillion dollar company. kudos to all hunters for their effort.
@bladestormX (2 years ago)
I thought this was a Minecraft channel now
@IndustryOfMagic (2 years ago)
This video looks like it's stretched sideways.
@LiveOverflow (2 years ago)
I just gained weight :(
@BertVerhelst (2 years ago)
4:45 this is WHAT it looks like. When you say "this is how it looks like", it is translated too literally from German. We have the same problem in Dutch.
@Zizo8182 (2 years ago)
21:31
@James-is6tg (1 year ago)
Wow. Google does not pay a lot out. I'd just sell it on a zero day market.
@SSS-sz8mg (2 years ago)
I can't get it, you consider yourself a security expert, but why did you close yourself into a closed source ecosystem?
@LiveOverflow (2 years ago)
I make mistakes too, so why would I want the responsibility for everything? From a security point of view, it can make a lot of sense to give away that responsibility. And I trust Google engineers a lot :P
@pajeetsingh (2 years ago)
Of course, ask your Chinese friends. They have access to all Google Cloud machines.
@barreiros5077 (1 year ago)
some API abuse & bad SEO + hosting reseller like Dina host
@pajeetsingh (2 years ago)
>accessing Google cloud using browser
@kavithatastycreations (1 year ago)
hi I am Danny, I want Edius X crack keygen pls
@md.shazidalhasan6726 (2 years ago)
We need more from the Minecraft series
@unskeptable (2 years ago)
I don't understand any of this gibberish. How can I understand this newfound knowledge?
@Gobillion160 (2 years ago)
where the hell are my Minecraft videos
@peppigue (2 years ago)
-mine-*craft*
@joaofreitas3504 (2 years ago)
where minecraft
@stewiegriffin6503 (1 year ago)
the 5K guy... it cost him more time/money to write just the documentation than the prize itself. kids, this is called intellectual prostitution, plz don't do this.
@DarkMetaOFFICIAL (2 years ago)
Either say "What the attack would look like." or "How the attack would look." There is NO "how something looks like." It's "how it looks" or "what it looks like."
@SadKris (2 years ago)
No
@peppybocan (2 years ago)
It's pronounced "IS-TIO" man, not IST-I-O.
@ramnikTDM (2 years ago)
U r getting old 🥺
@NextLevel-hr8wp (2 years ago)
today everyone tries to make money on YouTube by talking about the findings of others. we have millions of security researchers and IT engineers but only around 100 hackers are out there. guys don't waste time on this shit. just get a girlfriend and enjoy life. IT is for people who don't know what to do with their time, and they have no family and friends.
@tr909love (2 years ago)
He's just talking shit about what other hackers did. But the truth is he can't hack shit.
@HiToni (2 years ago)
Then try to hack Google by yourself. You must certainly be a very skilled hacker if you comment like this.
@DontDoubtOurServers (2 years ago)
Lol you must be new here, he's actually really big in the pentesting space now. If this was NetworkChuck, sure, talk shit all day. Also going over CVEs and performing the exploit is a good way to learn; nobody knows everything, and if you're trying to learn everything you'll end up not really knowing anything
@davbj7707 (2 years ago)
@DontDoubtOurServers NetworkChuck is a script kiddie
@DontDoubtOurServers (2 years ago)
@davbj7707 thank you, I'm glad I'm not the only one that noticed that, like his newest video with John: he had no input, he would just cut to John then repeat what he said lol
@LiEnby (2 years ago)
Well, being able to understand anything that's going on here is pretty telling
@vadym-beep1241 (1 year ago)
Fun fact: $31.337 translates to "eleet" in leetspeak.
@PartikleVT (2 years ago)
I watch this while doing OverTheWire wargames
@jasontruter7239 (1 year ago)
1337 000 is an interesting number, it spells leet