We Hacked Google A.I. for $50,000 - Lupin & Holmes

2/12/2025

notes

what a fun article that makes security testing seem both incredibly challenging and very accessible (with the right tools, team, support and experience)

link

https://www.landh.tech/blog/20240304-google-hack-50000/

summary

What happens in Vegas doesn't always stay in Vegas, especially when it involves uncovering vulnerabilities in Google's systems. The article recounts vulnerabilities found during the LLM bugSWAT event, focusing on insecure direct object references (IDOR) in Bard (now Gemini) and a denial-of-service (DoS) vulnerability in the Google Cloud Console's GraphQL API. The authors detail their findings, including exploitation of a GraphQL directive overloading vulnerability and the exfiltration of user data through a markdown injection vulnerability in Bard's integration with Google Workspace. The article concludes with the team's financial rewards from the bug bounty program.

tags

Google ꞏ AI ꞏ Bard ꞏ Gemini ꞏ Bug Bounty ꞏ LLM bugSWAT ꞏ IDOR ꞏ DoS ꞏ GraphQL ꞏ Vulnerability ꞏ Security ꞏ HackerOne ꞏ Google Cloud ꞏ AI Security ꞏ Markdown Injection ꞏ Google Workspace