$15,000 Playstation Now RCE via insecure WebSocket connection – Bug Bounty Reports Explained
📧 Subscribe to BBRE Premium: https://bbre.dev/premium
✉️ Sign up for the mailing list: https://bbre.dev/nl
📣 Follow me on Twitter: https://bbre.dev/tw
This video presents a bug bounty report from Hackerone, from Playstation program. The vulnerability was an insecure WebSockets server and led to remote code execution in local application.
Report:
https://hackerone.com/reports/873614
Reporter’s twitter:
https://twitter.com/CryptoGangsta
Follow me on twitter:
https://twitter.com/gregxsunday
Timestamps:
00:00 Intro
00:25 Playstation Now
01:18 What are WebSockets?
03:20 Electron security
04:58 The exploit
#rce #playstation #websockets
Comments are closed.