Question

In: Computer Science

In the I found a security hole in Steam that gave me every game's license keys...

In the I found a security hole in Steam that gave me every game's license keys and all I got was this... oh nice: $20,000. Summarize the Steam finding and compare it to lab.

Solutions

Expert Solution

A bloke has told how he discovered a bug in Valve's Steam marketplace that could have been exploited by thieves to steal game license keys and play pirated titles. Researcher Artem Moskowsky told The Register earlier this week that he stumbled across the vulnerability – which earned him a $20,000 bug bounty for reporting it – by accident while looking over the Steam partner portal. That's the site developers use to manage the games they make available for download from Steam. A professional bug-hunter and pentester, Moskowsky said he has been doing security research since he was in school, and for the past several years, he has made a career out of finding and reporting flaws. In this case, while looking through the Steam developer site, he noticed it was fairly easy to change parameters in an API request, and get activation keys for a selected game in return. Those keys, also known as CD keys, can be used to activate and play games downloaded from Steam. The API is provided so developers and their partners can obtain license keys for their titles to pass onto gamers. "This bug was discovered randomly during the exploration of the functionality of a web application," Moskowsky explained. "It could have been used by any attacker who had access to the portal."

Impressively, this $20,000 bounty isn't even the biggest payout Moskowsky has received from the games service. Back in July, he was given a cool $25,000 for weeding out a SQL Injection bug in the same developer portal.


Related Solutions

Can someone please assist me with this question. The information that I found was not of...
Can someone please assist me with this question. The information that I found was not of help. Discuss how using systems thinking will influence your decision-making. I have to do a full paragraph on this question.
Discuss the Anatomy of the Heart.Please explain to me every single step in detail because I...
Discuss the Anatomy of the Heart.Please explain to me every single step in detail because I don't understand. Thank you!
Hi. Please could you assist me with the question below. I found the same question on...
Hi. Please could you assist me with the question below. I found the same question on the Chegg website, unfortunately, the answer given does not make use of the driver function which is required by the question. Please could you provide me with the full code for this question, including the main function using c++ and codeblocks. The standard recursive version of the Fibonacci function (explained in Malik pg. 379) is extremely inefficient due to identical calls being repeated. Consider...
I need give me example in every step. Do not use Excel. Thank you. On January...
I need give me example in every step. Do not use Excel. Thank you. On January 1,2018, Vidalia Company accepted a 14 % note, dated January 1, 2018 with a face amount of $ 2,480,000 in exchange for cash. The note is due in 10 years. For notes of similar risk and​ maturity, the market interest rate is 16 %Interest is paid each December 31. Requirement a.   Determine the present value of the note at January ​1,2018. (Use the present value...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT