Interview with Yahoo! Hall of fame Mr. Shubham Gupta (Interview #4)
Interview with Yahoo! Hall of fame Mr. Shubham Gupta (Exclusive from iGadgetsworld)
We, iGadgets world team got another opportunity to interview another Young Indian Hacker, Yahoo! hall of fame member Mr. Shubham Gupta, and he recently received his first bounty worth 400$, let's hear what's his story? check out the interview part with him!
1. Hi shubham Gupta, would you please introduce to our iGadgetsworld fans?
Hey Igadgetsworld fans!, This is Shubham Gupta Aka H4CK3R $P1D3R an Independent Security Researcher from INDIA. I am 18 years old pursuing BCA(Bachelor of Computer Applications). My hobbies are surfing internet, learning about new vulnerabilities and finding bugs, reporting them. and of course hacking
2. What made you to get into this field bro? who is your inspiration?
When I was around 14 years old I used to watch many movies like Hackers (1995), wargames etc which inspired me the most and i got addicted to them, then I started to learn many things regarding computers, hacking etc, and this is how I decided to be a hacker and security researcher. I got inspired from seeing the works of kevin mitnic, HD Moore
3. We have seen most of the young people are attracting towards hacking/research etc? Do you think it’s good? How can you guys manage studies and this research work?
Yup! because people always attract on the hacker thing, they wanted to show their capabilities in a different way, everyone can be an engineer or doctor with or without their skills but what's so difference between them? Nothing, well as per my point of view, Real talented people show their skills in a different way, we, hackers get the inspiration from many, we show our real talents in this way! so most of the people get attracted to this hacking thing, and especially nowadays younger people like me wanted to be a hacker and pentester and wanted to apply our skills in finding bugs and of course getting rewarded for it
so how we guys manage all these stuff and the study thing too? well it's a bit odd question, Books won't teach us anything until we apply it practically, i do these hacking stuff in the spare time, and i study before the exams like others do ! sorry no offense but it's truth! let's not get diverted and come to the main thing again!
4. What’s the difference between Bounty hunter and security researcher/analyst?
I don't think there is a difference between Bounty hunter and security researcher, well security researchers will find the bugs and they get rewarded with bounty, and mostly we won't do this just for the bounty or to be in Hall of fame list, it's just the way how we show the world in what we can?
5. What are your skills and what are your favorite interests in the hacking and research field?
Currently I'm pursuing BCA (Bachelor of computer application) and I am good at pentesting websites, well doing something for Mother India, showing what we Indians can do in the VIrtual world and I am looking forward in joining Null - Open Security Community.
6. Are you going to start any Hackers team like Team YHI or you just work alone?
I don't think I'll make any team right now, well pretty busy with studies , ya if some team invite me to join their team, I'll definitely join as i mentioned already!. But as for now I'm just working alone.
7. Actually if you don't mind can we see your work, I mean how did you find a bug? Mind sharing with our iGadgetsworld visitors?
Well, as of now i can't give much information about it . In short i can say this, firstly i will check xss and csrf attack. Recently I found RCE vuln. In Sellvana they rewarded me with 400$ my first bounty,
Actually just now, i recieved a mail from Adobe, as i reported a bug, you can see the mail what they are saying? That's why we can't disclose information regarding any bug!
But i am pretty sure i will come up with a new tutorial exclusive for the iGadgetsworld, how i found the bug and what's the solution for it, but it will take some time, as i am setting up something!
8. What are your future goals? Will you continue to be in this field or choose some other job based on your qualification?
Yup! I'll continue to be a security researcher and i love this field, and can't left this! I just don't want to do any other job not because I can't...... because of I like this IT field.
9. Any final words for our iGadgetsworld regarding this ethical hacking and security stuff?
I would just say use Google and your brain. Try to learn everything by raising questions yourself like How? Why ? What ? read others hacker POC u can find all POC from googling and u can also check POC on hackerone website
This field has so much scope. If you like to to do hacking and researching there are so much scope to earn[divider]
well, that's a great interview with him! we never thought hackers/researchers are very passionate about their work! You can contact Shubham Gupta through Facebook and twitter, you can check his bugs list here from the bugcrowd and from Hackerone profile! You can find many screenshots of bugs reported to many sites from him in these social media accounts!
I hope we will get the tutorial regarding how he actually found the vulnerabilities, stay tuned for more interviews #igadgetsworld fans!