BOOK THIS SPACE FOR AD
ARTICLE ADWell according to the title here I will share about how I got P1 at nasa? only using the dorking technique I got P1, here’s the story, when I wanted to sleep suddenly my friend called and told me he got P1 in the nasa VDP program using only simple dorking, immediately I opened my eyes, “really bro?”, and he replied “really cuk”, I used this dorking
site:NASA.gov "https://drive.google.com/file/d/"A vulnerability has been identified where a Google Drive link has been publicly shared, allowing unrestricted access to anyone with the link. This issue grants all users the ability to view, edit, delete, and upload files within the Drive. Such unrestricted permissions can lead to severe security and privacy risks for the owner of the Drive and any sensitive data stored within it.
Using the dorking provided by my friend Dhafy (Bug Hunter), I tried dorking to get the Publicly Accessible Google Drive vulnerability, and more or less like this, simple but dangerous2. I try to check several web pages that display links to the internal google drive, I try to access one by one to see if there is a drive that gives high access to users who access the google drive link.
3. Here I get a pdf that displays a google drive link that gives me access to read, delete, upload files, and other access, I try to create a folder and upload a photo as a poc following the photo
Thanks to my friend Dhafy don’t forget to follow / send connections to his Linkedin :)
https://owasp.org/www-project-top-ten/2017/A3_2017-Sensitive_Data_Exposurehttps://www.liputan6.com/tekno/read/5131743/hacker-china-pakai-google-drive-untuk-suntik-malware-di-jaringan-pemerintah-sejumlah-negara