$500 getClass

Google Apps Script is a nice service that lets you automate tasks and add features to some Google services.
In order to achieve this, it uses Rhino, which runs on Java.
I found that in Google Apps Script, several objects that are enumerations had the "getClass" method publicly accessible, for instance:
Utilities.Charset.getClass()

That line would return a Java Class object and allowed me to call any of its methods, so I could get some information.

There was a catch, though: Google Apps Script implements a white-list of which Java objects can be accessed, and most of the objects returned by interesting getClass methods were not in that white-list, so I could exploit almost nothing.
But I kept trying, and I discovered a nice little thing: any method returning an array was allowed to proceed. And even though I could not open the contents of the array (and therefore could not even list them), I found a workaround.
Every array was converted to a JavaScript array, and for some reason using the method shift on one would return the corresponding object wrapped around a white-listed class.
I could not do much with that wrapper: if I even attempted to see its methods (with a for-each loop), the execution of the script would fail. The only thing I could do was send it to Logger.log so I could see a representation of the object as a String.
This was enough to find a few interesting things about the inner workings of Google (like finding a class called "com.google.apps.maestro.server.beans.memegen.api.MemegenService"), which seems related to the internal Google Meme Generator (located at memegen.googleplex.com).
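
A defensive counterpart to the getClass exposure and white-list described above, as an added example that is not from the original post and is not Google's actual fix: a generic Rhino embedding in Java that applies a class allow-list and hides getClass on every Java object a script can reach. The names SandboxedRhino, SafeJavaObject, SafeWrapFactory, ALLOWED and run are hypothetical, and the allow-list contents are constructed.

```java
import org.mozilla.javascript.*;
import java.util.Set;

public class SandboxedRhino {
    // Constructed allow-list for this example: the only Java classes scripts may see.
    static final Set<String> ALLOWED = Set.of("java.lang.Object", "java.util.ArrayList");

    // Wrapper that hides the reflection entry point on each wrapped Java object.
    static class SafeJavaObject extends NativeJavaObject {
        SafeJavaObject(Scriptable scope, Object obj, Class<?> type) {
            super(scope, obj, type);
        }

        @Override
        public Object get(String name, Scriptable start) {
            // "class" is the bean-property spelling of getClass().
            if (name.equals("getClass") || name.equals("class")) {
                return NOT_FOUND;
            }
            return super.get(name, start);
        }
    }

    // Java objects handed to scripts, including method return values and
    // Java array elements, are wrapped through the Context's WrapFactory.
    static class SafeWrapFactory extends WrapFactory {
        @Override
        public Scriptable wrapAsJavaObject(Context cx, Scriptable scope,
                                           Object javaObject, Class<?> staticType) {
            return new SafeJavaObject(scope, javaObject, staticType);
        }
    }

    public static Object run(String script, Object hostObject) {
        Context cx = Context.enter();
        try {
            cx.setClassShutter(ALLOWED::contains);    // can be set only once per Context
            cx.setWrapFactory(new SafeWrapFactory());
            Scriptable scope = cx.initSafeStandardObjects(); // no Packages/java globals
            ScriptableObject.putProperty(scope, "host", Context.javaToJS(hostObject, scope));
            return cx.evaluateString(scope, script, "example", 1, null);
        } finally {
            Context.exit();
        }
    }

    public static void main(String[] args) {
        System.out.println(run("typeof host.getClass", new java.util.ArrayList<String>()));
    }
}
```
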

Timeline (UTC-3)
2016-08-15, 10:52 PM - Initial report
2016-08-16, 09:22 AM - Report triaged
2016-08-17, 10:22 AM - Bug filed
2016-08-23, 12:35 PM - Reward of $500 issued - My first Google VRP reward :)
2016-08-26, 01:24 PM - Bug fixed and verified
