Do you know that if you find the bugs then you can get a reward of lakhs of rupees. Strange as it may sound, two Indian hackers have received $22,000, which is roughly equivalent to Rs 18 lakh, for finding a critical flaw in the form of Google's bug bounty. Top tech companies offer bug bounties to people who successfully identify bugs in their computer programs or systems. Indian hackers were rewarded for finding security flaws in Google's cloud program projects.
The names of both the Indian hackers are Shriram KL and Shivnesh Ashok
Indian hackers Sriram KL and Shivnesh Ashok said in a blog post that they were trying to find bugs in Google's software, especially Google Cloud Platform. They were quite new to the platform and while they were exploring it, they found a problem with one of the features called "SSH-in-browser". Ashok said in the blog that since this was our first step into Google Cloud, we naturally stumbled upon one of the most popular products, Compute Engine. While searching for its features and how it works, I came across "SSH-in-browser".
Surprised they found this problem so easily
He further explained that this feature allows users to access their computer instance like a virtual machine through their web browser using a protocol called SSH. The bug they found could allow someone to control someone else's virtual machine with just
one click, which is a serious problem. They were surprised that they found this problem so easily, as they had just started looking at Google Cloud Platform.
Ashok and Shriram also noticed a bug in another Google cloud platform "Theia". After researchers reported a flaw in Google's cloud platform, the search giant fixed the problem by adding a security feature called cross-site request forgery (CSRF) protection to GET endpoints and improving the way domains are verified. Earlier, Ashok and Shriram had also noticed a bug in another Google cloud platform "Theia". In their research, they found that the version of Theia they were using was not the latest. He looked for vulnerabilities in this version and found several vulnerabilities, but he found that not all of them could be used to exploit the system.
Also Read: Uttar Pradesh: 5 arrested in Lucknow for lowering electricity metre reading
/dnp-english/media/member_avatars/avatar/f87a701aa0feeff2dac903bba1bc7ba9.png )
Follow Us/dnp-english/media/post_attachments/wp-content/uploads/2023/01/Google.webp)
/dnp-english/media/agency_attachments/2024/12/03/2024-12-03t111212612z-dnp-india-logo-640x480-dnp-news-2.png){kind=logo}
/dnp-english/media/media_files/2024/12/18/youtube.png){kind=icon}
/dnp-english/media/media_files/2024/12/18/facebook.png){kind=icon}
/dnp-english/media/media_files/2024/12/18/instagram.png){kind=icon}
/dnp-english/media/media_files/2024/12/18/twitter.png){kind=icon}
/dnp-english/media/media_files/2024/12/18/linkedin.png){kind=icon}