Comments on: Google Adsense CSRF hole

By: s c tan

s c tan — Tue, 18 Dec 2007 12:12:56 +0000

great blog!

By: 0kn0ck

0kn0ck — Fri, 28 Sep 2007 07:08:19 +0000

Good Stroke Gareth

By: Gareth Heyes

Gareth Heyes — Thu, 27 Sep 2007 16:59:22 +0000

Hi Ronald

I’m sorry I didn’t realise you had released the same exploit, I just wanted to point out how easy it was to find a hole.

My comment about a security researcher was in jest of course I don’t think I need to find one in Google, I just thought it would be funny.

By: pdp

pdp — Thu, 27 Sep 2007 16:42:57 +0000

rock on!

By: Ronald

Ronald — Thu, 27 Sep 2007 16:30:47 +0000

How is that one different from mine Gareth?
I did exactly the same 6 months ago, only I used GET.

I don’t think it has something to do with releasing Google holes to be a researcher.
All of Google is vulnerable, unlike PDP I found more, but I don’t feel like spending a single second on their site anymore. Okay it gets a ton of media attention, but it isn’t hard to find one. For me, I don’t want all this media hyping around me anymore, cause first off it doesn’t do a thing for you only that you’ll become a sort of side-show, some kind of carnivale, you knwo like: see the bearded lady! IMHO thats how I look at it.

lol