Facebook, the top 1 social network founded by Mark Zuckerberg, who is a programmer, coder and a hacker too! But not everyone can find the loopholes, a special team of hackers keep on searching for vulnerabilities, loopholes in the sites and keep on reporting to the source sites (white hat) and Facebook is such a large site with huge amount of traffic, accounts containing personal information, photos, videos etc, and Facebook engineers must provide safety to their site, but practically, some bugs, errors can be seen which will pave a gateway to access other accounts and so on! It’s been 10 years since facebook started and it’s been changing it’s look, recovering the bugs, paying bounties to the hackers since then!
Indians hits top in finding the bugs in major websites and Indians contributed in finding 136 bugs in facebook and reported them (this is the most bugs founded by any country for facebook) We already posted about:Facebook bug bounty sneak peek: India Tops, read it, if you missed it!
In the meanwhile, We igadgetsworld team searching to have an interview with Indian hackers who contributed in finding bugs for facebook and luckily we got the Youngest Security Expert Mr. P.B. Surya Subhash who is a well known bug reporter, and reported many bugs to many top MNC’s including Yahoo, Facebook , Adobe , Microsoft etc and been in their Hall of fame list too!
For full list of Facebook hall of fame list please check here!
Interviewing Mr.P.B. Surya Subhash was very inspirational, we have like some series of question answer sessions and I am posting the main questions from our interview for the viewers!
1. HI subhash! Glad to meet you, can you please introduce yourself to our igadgetsworld fans?
Hi igadgetsworld fans, this is P.B.Surya Subhash, I’m of 17 years presently doing “Intermediate” (class 12) ,My main hobbies are playing and watching cricket, surfing net, pentesting websites, learning new things especially regarding developing and security .My key areas of interest includes Pentesting, Cyber forensics, Developing, helping INDIAN Websites to patch their bugs.
2. How and why did you get into Information Security & Hacking Field?
Well I used computer for the first time at the age of 11 or 12 i guess, But at that time i didn’t know what was this hacking and all..I started this hacking related things approx 1 to 2 years ago!
3. What was your first hack and when?
Well, I still don’t remember my first hack… It was into a website of Chinese, a small one with IIS vulnerability. I didn’t deface it or cause any damage.
4. What was the reaction of your friends and other people in your close circle when they came to know that you’re a hacker or a security guy?
Well people when I talk about these things used to criticize me… at first they used to make fun of me, later you know when i started excelling, and they started keeping quiet 🙂
5. When did you receive your first bounty as a white hat hacker?
I received my first bounty in feb 2013, It was a 200$ bounty from launchkey .The bug was cross site scripting.
6. Can you tell our viewers about your finding as a part of the facebook white hat program, and any proofs for our viewers?
Well, as of now i can’t give much information about it. All i can tell is it’s a Cross site remote forgery bug in a facebook acquisition. Using that i can manage to control some of the user actions. I will definitely publicize the details soon exclusive in igadgetsworld again! Here is the mail that I got from Facebook, you can see my name there!
7 .Who is your inspiration in getting into this field?
“INDISHELL” When i was just browsing my pc, I happen to see a news regarding INDISHELL fighting a cyber war with Bangladesh. By nature I’m a patriot, I was inspired by their passion towards country and became a hacker, gradually, due to so many consequences I turned into a White Hat
8. Did you try to hack any of your friends’ pc or facebook account for fun?
9. Did you got any job offers by MNC’s?
Well Yeah, I was offered a job by Yahoo! , Dell Secure works and few other companies I don’t remember it as of now.. The count is something near to 5 or 6.
10 .What are your future plans? Will you continue to be white hat hacker (security expert)?
As of now, my future plan is to establish a company after I stabilize my career. I am not sure because we can’t say what happens next second 🙂 but my wish is to make my motherland proud of me
11 What is your dream company that you want to work with?
Well, I have so many companies in the list. I can write a book with those names
12 .what are the casual things that to be considered to protect a pc or website to protect from virus/hackers?
Keep a strong password everywhere and also use an antivirus for your computer. This is basic thing a person using a computer should do.
13. What is your advice to New Bug Hunters / Beginners in Hacking field?
I would say just use Google and your brain. Try to learn everything by raising questions yourself like How? Why ? What ? on every methodologies. If you really want to see real hacking watch out security conference presentation and videos from Defcon, Blackhat and so on, also I recommend to “Join Null Community , a very good informative group”
This field has so much scope. If you have zeal you have so much scope to earn 🙂
Thanks Subhash! It’s really a great informative interview, I hope we get the info regarding your bug report on Facebook asap!