Start Android bug hunting here! Google app analysis results: https://bughunters.google.com/report/targets/290590452
Google Mobile sales representative: https://bughunters.google.com/about/rules/6618732618186752/google-mobile-vulnerability-reward-program-rules
Oversecure blog: https://blog.oversecured.com/
Verify the output of the tools: https://bughunters.google.com/learn/improving-your-reports/avoiding-mistakes/5981856648134656/verify-the-output-of-the-tools
More Bug Bounty videos: https://www.youtube.com/playlist?listPLhixgUqwRTjxKYsPTegCyL5adZaq5eILt
More mobile security: https://www.youtube.com/playlist?listPLhixgUqwRTjxHFDl0OykeqZ-VvnClfDpT
Chapters:
00:00 – Introduction
00:57 – Meet Sergey Toshin (over-secure)
02:51 – How oversecurity started
04:42 – Check the tool output!
07:17 – First look at the vulnerability
09:58 – 1. Explained: Android intentions
11:25 a.m. – 2. Explained: content providers
12:51 – 3. Explained: app permissions
13:34 – Walkthrough for mining
4:17 p.m. – Proof of concept and report
5:15 p.m. – Android VRP Rewards
6:32 p.m. – Start checking for bugs in Google Apps!
[️Support]
by video: https://www.patreon.com/join/liveoverflow
per month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join
[Social]
Twitter: https://twitter.com/LiveOverflow/
Instagram: https://instagram.com/LiveOverflow/
Blog: https://liveoverflow.com/
Subreddit: https://www.reddit.com/r/LiveOverflow/
Facebook: https://www.facebook.com/LiveOverflow/
Please take the opportunity to connect and share this video with your friends and family if you find it useful.
No Comments