This HighSchool Kid Snatched $10000 From Google, Here’s How?

This guy next door is an inspiration for all those budding geeks and coders, Here’s why?

This high school student Ezequiel Pereira has just impressed Google security team by peeping into the company’s backend servers.

Using the prevalent vulnerability scanner ‘Burp Suite’, he found the way to modify the host header and managed to enter internal App Engine applications – *.googleplex.com.

He surprisingly managed to connect to the website (yaqs.googleplex.com) without having his username or account entered. After entering the homepage, he was amused to see the plethora of links to various Google services with footer stating ‘Google Confidential.’

google security issue

And that’s how he reported the security loop hole to the Google security team on July 11.

google prize winner

Following that, Google responded him back with an email stating ‘Just letting you know your report was triaged and we’re currently looking into it.’

google prize winner

Eventually, on August 4, he received the $10,000 from Google under the Google’s vulnerability reward program.

You can read the whole photoplay from the horse’s mouth as the high schooler has documented in more depth via his blog post.

Leave a Reply