Acknowledged by Blackberry

Hello,

I got Acknowledged as Security Researcher / Ethical Hacker By Blackberry Security Research Team for 2015 🙂 . I reported FPD, JQuery AJAX Prompt Error Bug and a Injection issue.

blackberry

So, the affected domain was the main one “blackberry.com” 😀 , the team quickly fixed. Here is some of POC proofs

ajax_bb (copy)

Now, here comes FPD with PHP Errors

fpd_bb

Third bug, Injection which i found in this same place 🙂 but i won’t be able to show here as it’s a privacy issue and it releases information disclosure.So this is what i reported and it escalated quickly.

lol5

BAAZINGA.. Hall of Fame : http://ca.blackberry.com/enterprise/products/incident-response-team.html#security-updates

blackberrry_hof

Timeline : September 15 – Initial report

September 16 – Needs Additional Information by Team

September 17 – Additional Information sent

October 2 – Fix confirmation Email by team

October 2 – Fix confirmed by me

October 17 2015 – Hall of fame acknowledgment

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s