Hacker Discovered Security Flaw in Vine
For determining a security flaw in Vine, its short- form video platform Twitter announced an award for an Indian white-hat hacker $10,080 (6,80,000) .The hacker, Avinash Singh , who was capable of using the advantage to contact the service’s source code.
Singh stated issue in the month of March to twitter .later than that company has fixed the flaw and gave him a reward $10,080 by the bug bounty start-up hacker one.
Singh who set off by the pseudonym “a vocoder” says he has soughed down 15 bugs in twitter so far. He found this exact security hole when he is investigating vulnerabilities with Censys.io, a network that scans search engine. He discovered that he is capable of downloading Vine’s complete source code during a public docker image.
“I was proficient to see the complete source code of Vine API keys, third-party keys and secrets,” “While running picture without any parameter, it is allowing me host a duplicate of vine locally.” Singh wrote on his blog. In other words, Singh was capable of making exact copy of Vine, something evil actors will use to phish users.
Singh has received many rewards from Twitter’s bug-bounty program in the earlier period. He has uncovered vulnerabilities like storage of usernames and insecure transmission of media files and passwords on the Vine Android app and also vulnerabilities in Twitter’ ad campaigns.
Previous this year, Twitter-publicized it had paid $322,420 as part of its bug-bounty program to security researchers in the most recent years, with a normal payout of $835. Its payouts range from $140 to $12,040 and are always in multiples of 140, keeping with its character platform. Twitter only allows bugs to be publicly disclosed after they’ve been fixed.
As part of its bug bounty program previous this year, twitter publicized that it had paid $322,420 to security researchers in the past two years, with an average payment of $835. Its payout ranges from $140 to $12,040 and keeping its character platform they are always in multiples of 140. Twitter only permits bugs to stay fixed after they have publicly disclosed.
“I started participating in various VRPs in 2015 and have been very active seeing as then,” Singh writes. “Particularly in the Twitter bug-bounty program since their response is quick and they discharge bounty once the bug is triaged.”
India is also one of the top most 127 countries which participated in Facebook’s bug- bounty program, with more number of security researchers and the paid bounties, amounting to 48.4Rs/($718,8400). mainly
This is the brief description how the hacker got award from twitter for discovering Security flaw in Vine.
You May Also Like:Why Did the Hackers Love Health Apps