Google payloads

Description

Google offers a free hosting service for open source projects that lets you manage your source code over svn. The contents of a repository can also be viewed anonymously, and because some file types are served with their contents output directly rather than offered as a download, the service can be used to host content for server-reflected attacks. The lack of any form of CAPTCHA also makes it easy for an attacker to automate this process.

POC

The following proof of concept uses the anonymous viewing feature to include an HTML file that actually contains JavaScript:
Google payload poc

Recommendation

All file types should be forced to download when their contents are viewed anonymously.
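As an added illustration of that recommendation (example code written for this page, not part of the original post or of Google's service), the hypothetical helpers below contrast an extension-based content type, which lets a stored .html file render and run script in the host's origin, with response headers that force every file to download:

```python
import mimetypes
import re
from typing import Dict

# Hypothetical helpers (not part of the original post or of Google Code).


def unsafe_headers(filename: str) -> Dict[str, str]:
    """The weak behaviour the post describes: the content type is guessed
    from the extension, so a .html file is rendered and any script it
    contains runs in the hosting site's origin."""
    ctype, _ = mimetypes.guess_type(filename)
    return {"Content-Type": ctype or "application/octet-stream"}


def safe_headers(filename: str) -> Dict[str, str]:
    """Hardened response: force a download for every file type, whatever
    the extension or the body looks like."""
    # Keep only a conservative character set in the suggested filename so
    # the header value cannot be broken out of with quotes or newlines.
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", filename) or "download"
    return {
        # Never a renderable type: the browser has nothing to execute.
        "Content-Type": "application/octet-stream",
        # Ask the browser to save rather than display the body.
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        # Stop browsers sniffing the body back into text/html or script.
        "X-Content-Type-Options": "nosniff",
        # Belt and braces: if it is rendered anyway, no script, unique origin.
        "Content-Security-Policy": "sandbox",
    }


def will_render_inline(headers: Dict[str, str]) -> bool:
    """Approximate a browser's decision: True when the body would be shown
    as a page (and script could run) rather than offered as a download."""
    disposition = headers.get("Content-Disposition", "inline")
    ctype = headers.get("Content-Type", "")
    renderable = ("text/html", "application/javascript",
                  "text/javascript", "image/svg+xml")
    return not disposition.startswith("attachment") and ctype in renderable
```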

Comments 2

  1. pdp wrote:

    of course, the problem is a lot deeper than that :) here is a link to a paper: http://www.gnucitizen.org/blog/for-my-next-trick-hacking-web20

    Posted 30 Jan 2008 at 12:31 pm
  2. Gareth Heyes wrote:

    Nice paper :D

    Posted 30 Jan 2008 at 12:39 pm
