Founded a loop in twitter vines by downloaded it's source file.The twitter company rewarded him by 10,800 dollars bounty and fixed that issue in few minutes.
Indian bug bounty hunter avinash just downloaded twitter vines full souce code file by found a loop hole and downloaded a docker file.
Docker file is basically a new open-source container technology that help more apps running on same old server and also very to package and ship programme.Docker images are used by vines should be private but it's available online easily.
Avinash uses censys.io is a latest hacker search engine.It scan hole internet for vulnerability.When had scan done avinash found 80 docker file with vinewww. The file uses www which generally used for websites.
Avinash open that docker file and found vines full source code which he can see.
Vines are basically a short video sharing service that help people to share those looping video clips around the world
Avinash is bounty hunter since 2015 and still he had reported 19 loops in twitter.
Comments
Post a Comment