Google competitive security challenge

Find ways to log in. Winner gets $100k and a possible internship.

buganizer.corp.google.com

Good luck

Attached: 1337.png (600x293, 31K)

Other urls found in this thread:

moma.corp.google.com/
twitter.com/SFWRedditImages

Why is google shilling so much? Is it because of the damning leaks?

not a shill, I genuinely find it interesting and haven't seen threads about it.

>possible internship
>implying anyone sane wants to work at that shithole
$100k would be nice though

Oh, so you came for the hacker called Jow Forums for help!

did anyone try
>admin
>adminpass
>12345

Fuck off you literal shill.

>get buttblasted over google blocking your crackpot website so you try to enlist the help of gee to hack into google
Not your personal army, fag.

it says 'invalid token'

Well, the value of the password field means absolutely nothing.
I've gotten that far.

I'm assuming there is some really lame steganography in that lion picture that contains the username, and that they expect you to call up and social engineer your forgotten password.
a more advanced sql injection might work too, but I don't know what I'm doing.

Bingo. If I wasn't baked off my ass, I'd call right now. It is deadly obvious that this is a social engineering test. You just need to find some random mid-level guy's email, pretend to be him, and say you broke your phone that had both your password manager and your 2FA codes.

You're welcome. Please email me at [email protected] when you win $100k so you can give me the $10k you owe me.

How old is this shit?
The "login" request is returning a 400 error which is making me suspicious that this is a dead challenge from an earlier time.

I'm even more baked off my ass and I don't want to work at google.

This really is a challenge of who can be fucked

Just call and win yourself 100k. Decline any job offer.

>Decline any job offer.
Why? You should work there at least one year for another 100k how bad could it be

$100k is enough money for me.

We don't all live in the third world Amerilard

the numbers don't work. it just return an answering machine that says "This is a test message, thanks for calling"

>bill
>hunter2
>6969
where's my 100k nigga?

Attached: ss (2015-05-02 at 10.11.21).jpg (580x308, 64K)

I log on this every day at work

prove it

Guys, this is actual Google corp login. To get access you must do one of the following.
1: create a Google account and use that (@google.com)
2: find a bug in the login system

This is actual corp login. If you break this, that is a big deal. Good luck

Do you read before you post or are you a bot?

not your personal army summerfag

>how bad could it be
>100k

Why would I step down to make less money per year in some shithole?

Someone didn't read my carefully crafted memo on the 4 most commonly used passwords.

hurr hurr hurr you sound retarded stop talking before you embarrass yourself any more.

This guy is right. Moma is google's "intranet", so to speak. It's got user pages, forums, etc.
moma.corp.google.com/ has the current login.

If you break into that, you've uh... got the big one.

Somebody log in and fuck their shit up

Fuck off jewgle shill

no u

>I can totally do it if I wasn't stoned right now guys
>Nah I don't feel like making 100k, it's not worth my talents or my time
Basically everyone ITT. Fucking poser faggots.

>failed login
>the next image on the login page is a picture of the city center in my hometown

Attached: 1376388935332.png (645x773, 24K)

It's hilarious.
Yeah guys, you totally could hack into Google's corporate intranet if you just weren't so stoned.
$100k? Pfft, chump change, I get it.

Meanwhile they totally fail to realize that it's not just some hiring challenge and actually the login for an internal Google service.

>an internal Google service
Not just "a" internal service. Its THE internal service. It's everything of Google's internal services that is on the internet.

you know you're on Jow Forums right

6 figs respect

I mean Google has moved to a "zero trust" corporate network, meaning that all their stuff has public DNS and is not firewalled off. Everything now works through your @google.com SSO.
This means that it no longer matters if someone "gets in your network", since all they're going to be able to do is bring up login pages, just like how anyone can go to gmail.com.

If you somehow bypassed all of SSO (stealing an account, major exploit, etc), you'd have access to everything you have permissions to, but otherwise you'd have to hack each individual service you want to access.

My organization uses a similar scheme, with smart card authentication for everything.

I'm in...

It has a security help button with a phone number to call. This isn't a hacking challenge it's a social engineering challenge

moma is the google intranet so you have to find the name of someone who says they work at google get as much info about them as you can and call in pretending to be them

so we can all pretend to be moot lol

>he fell for user just saying it was a challenge
I hope you're ready to get sued

Problem is you are gonna need the 2FA authentication, either the app or the USB token.
They won't bypass that 2FA for you over the phone, so someone's going to have to go to a Google office and do some in-person pretending.

um just steal moot's phone lol

I think you're volunteering your boipussy to distract him while another user takes his phone.

repost it

oWo

>U: FuckTrump2020
>P: 4ndWh1t3P33p$!
>S: 148869

Well that was easy.

This is the login for Google's intranet. It isn't a test case for vulnerabilities in some contest.
Google does, however, offer but bounties for possible vunerabilities: Up to $31337

What happenes if I try to log in while logged into gmail? do I get africanamericanlisted?

I tried to access a different corp site and it just told me my account didn't have permission.

The top 4 most commonly used password are love, sex, secret, and god.

What about 1234abcd and password