home.social

#hackinggoogle — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #hackinggoogle, aggregated by home.social.

  1. OAuth. Non-human identities. It's something I posted about a lot.

    You can imagine my complete surprise that the first challenge of the 3rd episode in #HackingGoogle #CTF was all about stealing leftover credentials of a Google service account to run an OAuth flow and steal a very sensitive file about the Google Glass 2.0!

    Read here (sorry about the ramble about OAuth no one asked for!):

    talsk.github.io/2024/09/25/hac