🧪 Get access to hands-on labs: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
📣 Follow me on Twitter: bbre.dev/tw
This video is an explanation of $7,500 vulnerability reported to Valve bug bounty program. The bug allowed adding infinite funds to user's Steam account by exploiting a flaw in the integration of Steam with Smart2Pay.
✉️ Sign up for the mailing list ✉️
mailing.bugbountyexplained.com/
🖥 Get $100 in credits for Digital Ocean 🖥
m.do.co/c/cc700f81d215
Report:
hackerone.com/reports/1295844
Reporter's hackerone profile:
hackerone.com/drbrix
Follow me on twitter:
/ gregxsunday
Timestamps:
00:00 Intro
00:33 The flow of adding funds to Steam account
04:36 Constructing the signature
05:30 The exploit
07:52 How to access hands-on labs?
4 июл 2024