pornhub-zeroday-phpShort Bytes: Pornhub hosted a bug bounty program a couple of months ago. A team of three research has been awarded $20,000 cash prize for finding two PHP Zero Day bugs in the website code which would lead the hacker to access user information and root privileges to a hacker.

A researcher trio – Dario Weißer (@haxonaut), Cutz ,and Ruslan Habalov (@evonide) – has grabbed the $20,000 cash prize in the bug bounty program for finding Zero Day vulnerability in their website.

“ While auditing Pornhub we have stumbled across several pages where user input was evaluated by unserialize and the result was reflected back to the page.” – writes Dario Weißer. After digging and testing old vulnerabilities in unserialize, the team had assumed that task was not a child’s play. “The first thought was: OK, why not just find a new 0day in unserialize?” and then there was Barney Stinson all over them. “It can’t be /that/ hard, challenge accepted!”

The unserialize function is used to reverse a PHP string to a PHP object. On PornHub, the unserialize function is responsible for managing the data uploaded by the users like photo albums. For example:

With a motivation to find a new PHP  Zero Day vulnerability in unserialize and the $20,000 bounty chocolate waiting for them on the stage, the trio – decided to write a fuzzer to test Pornhub’s code for loopholes.

“We have found two use-after-free vulnerabilities in PHP’s garbage collection algorithm,” Ruslan Habalov in his post.

The Zero Day vulnerabilities detected by the researchers could make them capable of accessing users’ data, tracking them, reveal source-code of co-hosted websites, and even gain root privileges. They also received a $2,000 prize from Hackerone.

If you have something to add, tell us in the comments below.

Also Read: Largest DDoS Attack Of 579Gbps In The First Half Of 2016

Now Watch: