Ability to login as google staff in Google Cloud Community

gaurav bhatia
2 min readJul 15, 2022

--

-Gaurav Bhatia (Bug Hunter, CTF Player)

Summary:-

While using Google Cloud Community I saw that there was a feature of creating an account which we usually don’t see in any other google domains. I simply created an account for accessing the website as a normal user and to see the various functionalities. I started with creating a post and when the post got created I remembered that after creating an account i didn’t get any email verification mail nor there was any email verification after creating a post. It means that there is verification of email after creating an account. This bug doesn’t have a great impact on the organization so I thought to escalate it to increase the impact.

I came up with the idea of what if we get a google staff privilege? For this i tried to create an account with test@google.com and the account successfully created.

And as shown in the picture i got the google staff privileges which gives the permission of uploading videos and replying to any other users being an internal google staff.

Steps To Reproduce:-

  1. Go to https://www.googlecloudcommunity.com/gc/user/userregistrationpage?dest_url=https%3A%2F%2Fwww.googlecloudcommunity.com%2Fgc%2FGoogle-Cloud%2Fct-p%2Fgoogle-cloud
  2. Create a account with mail id (test@google.com)
  3. Account successfully created without any requirement of email verification
  4. Finally, Got the privilege of replying to any member being an internal google staff.

Attack Scenario(Impact):-

An attacker can login as internal google staff and can spread malicious URLs, files, etc. Also an attacker can spread rumors among the communities being an internal google staff which makes a negative impression of google in people’s mind.

Timeline:-

  • 2022–02–24: Initial Report to Google VRP
  • 2022–02–24: Issue Triaged
  • 2022–03–09: Internal bug report filed
  • 2022–03–25: VRP issued reward($100)

--

--