Bug Hunter program

From SmartBots Developers Docs
Jump to: navigation, search

All Bot Playground scripts run in isolated sandboxes. However, we understand that we may miss something, and we appreciate your help locating the security holes.

Bounty levels

Currently the following rewards are available:

Breach level A-1. Accessing your own script full code

Your script contains your code plus a sandbox bootstrapper. The reward is being paid if you manage to get the bootstrapper source code.

Reward: L$5,000.

Breach level B. Accessing server files

If you manage to read any file on server, you get this reward.

Reward: L$10,000.

Breach level C-1. Reading Bots Playground sources

Bots Playground website has its own source files, residing on the same server. Access any of them and get the reward.

Reward: L$20,000

Breach level C-2. Reading database

Access Bots Playground database to get the reward.

Reward: L$23,000

Breach level D. Get root control over Bots Playground server

Become a root at Bots Playground server.

Reward: L$50,000

How to get a reward

If you feel you managed to break through the specific level, contact SmartBots support and provide breach details. We guarantee you will be paid.

There are some other rules applied:

  • If you *almost* reached the specific level (e.g. reading the file names, but not files content), we reserve the right to adjust the payment.
  • On the other hand, if we see that your information is more serious than you expected, we may increase the reward.
  • DoS and DDoS attacks, cpu and memory overload do not count. It is just too easy yet :)

Finally, if you prefer Publicity and Fame instead of money, we can publish your name at SmartBots special appreciation page.