Inqubomgomo ye-Bug Bounty

I-Paxful, Inc. (okubhekiselwa kuyo nangokuthi “Paxful,” “Thina,” “Thina,” noma “kwethu”) ithatha izinyahtelo ukuthuthukisa umkhiqizo wethu nokunikezela ngezixazululo zokuphepha kumakhasimende ethu. Kule Nqubomgomo Ye-Bug Bounty (“Inqubomgomo”), sichaza amakesi asebenzayo wohlelo lwethu lwe-Bug Bounty nokuthi kufanele lusetshenziswe kanjani ngokuhlangene nokusetshenziswa kwewebhusayithi yethu ku-https://paxful.com/, kufaka phakathi, kodwa akukhawulelwe, ku-Paxful Wallet, inkundla yokuhweba ye-Bitcoin, uhlelo lweselula, amakhasi wemidiya yomphakathi, noma ezinye izinto ze-inthanethi (ngokuhlangene, “Iwebhusayithi”), noma uma usebenzisa imikhiqizo, amasevisi, okuqukethwe, izici, ubuchwepheshe, noma imisebenzi esiyinikezelayo (ngokuhlangene, “Amasevisi”). Le nqubomgomo yenzelwe ukukusiza ukuthi uthole ulwazi mayelana nokuthi ungabamba kanjani iqhaza kuhlelo lwe-Bug Bounty, evikela imiphumela yocwaningo esebenzayo, nokuthi iziphi izinzuzo ongazithola. Sicela uqaphele ukuthi iminikelo yethu Yesevisi ingahluka ngesiyingi.

Kuzo zonke izinhloso, inguqulo yolwimi lwe-English yale nqubomgomo ye-bug bounty izoba ngeyoqobo, ithuluzi elibusayo. Esimweni lapho kunokushayisana phakathi kwenguqulo ye-English yale nqubomgomo ye-bug bounty nokunye ukuhumusha kwezinye izilimi, inguqulo yolwimi lwe-English izobusa futhi ilawule.

Yini Uhlelo lwe-Bug Bounty?

Ukuze kuthuthukiswe i-Paxful Namasevisi, Uhlelo lwe-Paxful Bug Bounty lunikezela abasebenzisi bethu ngethuba lokuzuza umklomelo wokukhomba izinkinga zokusebenza.

Ungaxhumana kanjani ngokutholile kohlelo lwakho lwe-Bug Bounty kithi?

Konke ukuxhumana okunjalo kufanele kuqondiswe ku-[email protected] Ekuthumeleni kwakho sicela ucacise incazelo ephelele yengcuphe nenkomba eqinisekisayo ukuthi ingcuphe ikhona (incazelo / izinyathelo zokwehlisa / izithombe-skrini / amavidiyo / imibhalo noma imisebenzi eminye enjalo).

Imithetho Yohlelo

Ukwaphulwa kweminye yale mithetho kungaholela ekungafaneleni i-bounty.

  • Hlola kuphela ingcuphe ku-akhawunti okungeyakho noma ama-akhawunti owavumile kusuka kusiphathi se-akhawunti ukuze ahlole.
  • Ungalokothi usebenzise ukuthola idatha yokufaka engcupheni/ye-exfiltrate noma i-pivot kumasistimu ethu. Sebenzisa isiqinisekiso sokuphela ukubonisa inkinga.
  • Uma ulwazi oluzwelayo olufana nolwazi lomuntu siqu, imininingwane yokungena, njll,. lufinyelelwe njengenxenye yengcuphe, akufanele lulondolozwe, ludluliselwe, lufinyelelwe, noma lucubungulwe ngemuva kokuthola kokuqala.
  • Abaphenyi bangahle bangakwazi, futhi abagunyaziwe ukuzibandakanya emisebenzini engaphazamisa, ukulimana noma ukulimala ku-Paxful.
  • Abacwaningi akufanele badalule esidlangalaleni izingcuphe (ukwabelana ngemininingwane noma okunye nomunye umuntu ngaphandle kwesisebenzi esigunyaziwe se-Paxful), noma ukwabelana ngengcuphe nenkampani yangaphandle, ngaphandle kwemvume eshiwo ye-Paxful.

Sizihlaziya kanjani izinkinga ezikhonjiwe ngaphansi Kohlelo lwe-Bug Bounty?

Konke okutholiwe kuyahlaziywa kusetshenziswa indlela yengcuphe.

Isivumelwano Sokungadaluli

Ngaphambi kokuqala ukuxoxisana ngeminye imininingwane ephathelene nezinkinga eziqinisekisiwe ozikhombile ngaphansi Kohlelo lwe-Bug Bounty, kufaka phakathi isinxephezelo, njll, kuzodingeka ukuthi ungene nathi Kusivumelwano Sokungadaluli.

Siyikhokhela kanjani imiklomelo Yohlelo lwe-Bug Bounty?

Yonke leyo miklomelo ikhokhelwa i-Paxful. Yonke imiklomelo ingakhokhelwa kuphela uma ingaphikisani nemithetho esebenzayo neyokulawula, kufaka phakathi kodwa kungakhawulelwe ekuvimbeleni kokuhweba nemikhawulo yomnotho.

Kuzothatha isikhathi esingakanani ukuze sihlaziye okutholiwe Kohlelo lwakho lwe-Bug Bounty?

Ngenxa nesimo esihlukayo nesixubile sezinkinga zokusebenza, asiqalisanga imigqa yesikhathi yokuhlaziya okutholiwe ngaphansi Kohlelo lwe-Bug Bounty. Ukuhlaziya kwethu kuqedwa kuphela uma siqinisekise ubukhona noma ubungekho bengcuphe.

Yimaphi amakesi akhishiwe Kuhlelo lwe-Bug Bounty?

Ezinye izingozi zinakwa njengokuthi azikho ohlelweni lwe-Bug Bounty. Lezi zingozi ezingekho ohlelweni zibandakanya, kodwa azikhawulelwe kokulandelayo:

  • Ugaxekile;
  • Ubungozi obudinga ubunjiniyela bomphakathi/ubugebengu bokuthola imininingwane;
  • Ukuhlaselwa kwe-DDOS;
  • Izinkinga ezisuselwe ezinganawo amandla abonakalayo;
  • Izingozi zokuphepha kuzinhlelo zezinkampani zangaphandle nakumawebhusayithi wangaphandle aqiniswe nge-Paxful;
  • Okuphumayo kweskena noma imibiko eyenziwe iskena;
  • Izinkinga ezitholakele ngokuhlola okuzenzakalelayo;
  • Iziphazamisi ezikhululwe ngokomphakathi kusofthiwe le-inthanethi ezinsukwini ezingu-30 zokudalulwa kwazo;
  • Ukuhlasela okunomuntu phakathi;
  • Singatha imijovo yekhanda ngaphandle komthelela othile, obonakalayo;
  • I-Self-XSS, ebandakanya i-payload efakwe ohlaselwe;
  • Ukugena/ukuphuma kwe-CSRF;

Ulwazi Olungeziwe

Uma ufuna ulwazi olungeziwe mayelana nale Nqubomgomo, ungaxhumana nathi nge-imeyili ku-[email protected].