A security researcher known as brutecat has revealed how an AI-driven fuzzing pipeline identified over $500,000 worth of vulnerabilities within Google’s infrastructure in less than three months. This effort exposed systemic access-control flaws across approximately 1,500 APIs.
The process began with targeting Google’s discovery documents—machine-readable API specifications that detail available endpoints, parameters, and methods. While some of these documents are publicly accessible, many internal APIs require valid API keys for access.
To obtain these keys, brutecat and collaborator Michael Dalton harvested credentials on a large scale. They scraped over 60,000 Android APKs, decrypted iOS binaries, and developed a Chrome extension to intercept traffic across more than 2,800 Google web domains, ultimately collecting around 3,600 keys. Since a single key can enable multiple APIs within its Google Cloud project, this collection provided extensive access. To ensure compliance with Google’s program scope, the team filtered out non-Google keys using a Cloud Marketplace endpoint that resolves a project number to its owning domain.
They also worked around discovery-document paths that had been removed, used visibility labels such as `GOOGLE_INTERNAL` to uncover hidden endpoints, and reverse-engineered Google’s proprietary First Party Authentication (FPA v2) after sourcemaps briefly exposed the relevant frontend library.
After gathering over 1,500 discovery documents from Google APIs, including hidden endpoints revealed through undocumented `GOOGLE_INTERNAL` visibility labels, the researcher built a custom API Explorer capable of parsing any discovery document client-side. This tool facilitated the identification of numerous vulnerabilities, including:
- Google Voice/Fiber account takeover due to unauthenticated PII and recovery phone leaks, allowing arbitrary number assignment.
- AdExchange takeover by accessing staging environments pointed at production data, enabling account reads and unauthorized admin additions.
- Exposure of internal privacy-assessment APIs publicly.
- YouTube unlisted/private video ID leaks via auto-generated Content ID assets.
- Widevine DRM takeover through leaked organization information and encryption keys, permitting unauthorized additions to any organization.
- PLX/DataHub vulnerabilities allowing self-granting as dataset owner and dumping confidential YouTube data.
- Nest device-owner deanonymization by correlating sequential IDs to Gaia IDs, which could be linked to emails via Play Books licenses.
- Translation Hub issues including unauthorized list operations, cross-tenant read/write access, and Google Cloud Storage exfiltration.
- YouTube TV CMS flaws with no access control on campaign CRUD operations, leading to leaked CMS account emails.
- Vertex AI Search for Commerce vulnerabilities allowing unauthorized read/write of intent-classification configurations, enabling prompt injection.
- Cloud Console GraphQL issues such as App Engine request-log leaks without authentication, Vertex Assistant unauthorized session read/write access, and Google Maps Platform billing-credit and PII leaks.
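The discovery documents described above are plain JSON, and walking one is the core of what an API explorer does. The following is an added example, not brutecat's tool and not Google's code: it recurses through a constructed discovery document (the real public v1 layout, but a made-up API) and lists the methods that declare no OAuth scope, which is the kind of inventory a defender would run over their own APIs before an attacker does.

```python
"""Inventory the methods in a Google API discovery document (JSON).

Assumes the public discovery-document v1 layout: top-level "resources" and
"methods", nested "resources", per-method "id", "path", "httpMethod" and an
optional "scopes" list. SAMPLE_DISCOVERY is constructed, not a real API.
"""
import json
from typing import Iterator

SAMPLE_DISCOVERY = json.dumps({
    "name": "example", "version": "v1",
    "resources": {
        "accounts": {
            "methods": {
                "get": {"id": "example.accounts.get", "path": "accounts/{id}",
                        "httpMethod": "GET",
                        "scopes": ["https://www.googleapis.com/auth/example"]},
                "list": {"id": "example.accounts.list", "path": "accounts",
                         "httpMethod": "GET"},
            },
            "resources": {  # nested resource, one level down
                "recovery": {"methods": {
                    "update": {"id": "example.accounts.recovery.update",
                               "path": "accounts/{id}/recovery",
                               "httpMethod": "PATCH"},
                }},
            },
        },
    },
})

def iter_methods(node: dict) -> Iterator[dict]:
    """Yield every method, recursing through nested resources."""
    yield from node.get("methods", {}).values()
    for resource in node.get("resources", {}).values():
        yield from iter_methods(resource)

def method_count(doc_json: str) -> int:
    """Total number of methods the document exposes."""
    return sum(1 for _ in iter_methods(json.loads(doc_json)))

def unscoped_methods(doc_json: str) -> list[str]:
    """Sorted ids of methods that declare no OAuth scopes.

    A missing scope does not prove the backend skips authorization, but on
    an inventory these are the first entries to check against the real
    access rules, especially state-changing ones such as PATCH.
    """
    doc = json.loads(doc_json)
    return sorted(m["id"] for m in iter_methods(doc) if not m.get("scopes"))
```

Pointing `unscoped_methods` at a real discovery document gives a review list; each entry then needs checking against the backend's actual authorization rules, since the document only records what the API declares.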
These findings underscore the critical importance of robust access controls and continuous security assessments within complex infrastructures. The use of AI-driven tools in vulnerability research highlights both the potential and the challenges in securing expansive digital ecosystems.
Source: Cyber Security News