So, I was on HackerOne looking for a new Job to take up and I found buzzfeed on their lists.
BuzzFeed is the only large company on here I've seen that doesn't display a minimum bounty or have strict rules as to what you can and can't do on their site.
I literally hate the site and kinda wanna put a picture of dog shit on their homepage. Their post on HackOne does not give rules as to what's allowed during an attack other then your basic "Don't attack our datacenter" and "Don't do an social engineering, kid." kinda deal.
So, as long as you report the exploit, i'm pretty sure there's no legal issues as to what you do to their website.
Just wanted to posting this to raise awareness on this because again, i hate buzzfeed. Have fun kids.
>>60235249
>Just wanted to posting this to raise awareness on this because again, i hate buzzfeed. Have fun kids.
I fucking hate that company with passion. If you find any sec holes, don't give it to them. Give it to some hacker activist to fuck them up for good.
>>60235514
>some hacker activist to fuck them up for good.
I gotta take up a few more jobs for cash first, but i'm planning to come back to them when I have free time. I'm really bad at hiding my footsteps, so I personally wouldn't.
>>60235514
Also, i'm sort of hoping someone else will do this, it's why i'm spreading this.
>>60235249
yep, I'm in. I can literally do anything I want with this rule set
>>60236278
exactly. This is great. The more the merrier. Have fun. If you find an exploit let us know first before reporting it. It's only legal if we report it at some point.
>>60236424
>before reporting it
I'm not reporting shit
fuck buzzfeed
>>60236836
my hero <3