How to legally earn more than $ 300.000 by hacking Apple

Between July 6 and October 6, Sam Curry, Brett Buerhaus, Ben Sadeghipour, Samuel Erb and Tanner Barnes worked together to hack Apple, taking advantage of the company's bug bounty program.

According to Sam Curry's account, he discovered a blog post via Twitter in which a researcher claimed to have won $ 100.000 for discovering a way to bypass authentication that allowed him to arbitrarily log into any Apple customer account. This surprised him, as he thought Apple's rewards program only applied to security vulnerabilities affecting their physical products and did not reward bugs found on their websites.

With a little research, Tim Curry found that Apple actually paid to find vulnerabilities "that would significantly impact users" regardless of whether the asset was listed as a program target.

In those months, hackers (targets) discovered various vulnerabilities in key portions of Apple's web infrastructure that would have allowed an attacker to completely compromise customer and employee applications by launching a worm that could automatically take over. of an account. code from Apple's internal projects completely compromises the control software for a warehouse used by Apple and penetrates Apple employee sessions with the ability to access private resources and management tools.

In total, they found 55 vulnerabilities, 11 of critical severity, 29 of high severity, 13 of medium severity and 2 of low severity. 

By 6 October, the vast majority of the findings had already been corrected and their authors recognized. They were usually resolved within a day or two (and some fixed within 4-6 hours of notification).

Even if you don't have any programming knowledge and a lot of what you read seems Chinese to you, it's an interesting read for the description of methods for detecting holes… and the astonishing amount of them there are!

You can read it here