I was testing Uber utility for security loopholes, he explained.
This is how I was able to figure it out.
It was easy to do.
Attackers could have misused this by taking unlimited free rides from their Uber account.
The loophole was related to the payment method where by using an invalid method would get Prakash free rides.
Users can create their account on Uber.com and can start riding.
He used his method on the ride-sharing app in different countries and found that it worked everywhere.
The company pays out up to $10,000 (8,000) for critical issues identified.
This bug bounty programme will help ensure that our code is as secure as possible.
And our unique loyalty scheme will encourage the security community to become experts when it comes to Uber.
This is not the first time that Prakash has revealed vulnerability.
In the past too, he had disclosed how to take over Facebook account and change its password.
In the meantime, he has found a genius way to get free Dominos pizzas free for life.
Source:Telegraph
Read More
source: www.techworm.net
