Skip to content
Google App Engine - Remote Code Execution bug ($36k bug bounty)
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
app
gRPC_client Initial commit May 20, 2018
protos Initial commit May 20, 2018
README.md

README.md

GAE-RCE

Google App Engine - Remote Code Execution bug ($36k bug bounty): https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce

  • app - Example application hosted in http://save-the-expanse.appspot.com/
    • /args - Returns all command-line arguments passed to the Java launcher
    • /nmap - Performs a scan of all ports in 169.254.169.253 (Binary taken from here)
    • /grpc - Runs the gRPC C++ client
  • gRPC_client - Source code of the gRPC C++ client
  • protos - All Protocol Buffer definitions extracted from Google App Engine
You can’t perform that action at this time.