Posts

Showing posts with the label CSRF

Send request to Martians. Earthlings are already your friends.

Image
Hello everyone, I'm back with another write up. This time it's a Google bug. YouTube is Google's video sharing site and a great place to explore. As a bug hunter, you can spend hours or days or even weeks in YouTube without hesitation. I always used YouTube to play some music when I worked as a developer last year. When I started bug hunting, I tried YouTube multiple times and can't find any. Then I started hunting on another google services. After hunting for more than 2 hours, I found a bug on one of Google's acquisition. According to  Google , a video PoC is required only if it is contributing something that the text can't. But I'm a great fan of videos and my first bug to google (duplicate) contained a 15min video 😎. I recorded a video of that bug I found and visited YouTube to upload it. when I clicked upload button, I noticed something strange aside it, something new. It looked like a message button. But then, the upload page has loaded