Google payloads
Wednesday, 30 January 2008
Description
Google has a cool free service for hosting open source projects which lets you manage your source code over svn. You can also view the contents of a repository anonymously over the web, and because some file types are served back inline with their original content (an HTML file renders as HTML, a script file is returned as a script) rather than being forced to download, it's possible to use the service to host attack payloads on a trusted Google domain: an attacker checks in the file, then points a victim's browser at the anonymous URL. The lack of any form of CAPTCHA also makes it easy for an attacker to automate the process.
POC
The following proof of concept uses the anonymous view feature to include an HTML file from the repository which is really JavaScript:
Google payload poc
Recommendation
All file types should be forced to download when their contents are viewed anonymously (served with Content-Disposition: attachment and a non-renderable Content-Type), so that nothing checked into a repository is ever rendered or executed in the context of the hosting domain.
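To make the recommendation concrete, here is an added example (my code, not the post's and not Google's) that contrasts the weak behaviour the post describes, serving a checked-in file inline with a content type guessed from its extension, against a hardened "raw file" response. The endpoint, file names and MIME lists are assumptions made up for the illustration. The two checker functions model what a browser does with each header set: a top-level visit renders active types unless the response is an attachment, while a `<script src>` include is only stopped by `X-Content-Type-Options: nosniff` together with a non-script Content-Type (a header that did not exist when the post was written, which is why the hardened response sets both headers rather than relying on forcing the download alone).

```python
"""Serving user-controlled repository files anonymously: weak vs hardened headers.

Constructed example; the raw-file endpoint and file names are hypothetical.
"""
import mimetypes
import re

# Types a browser renders or executes as active content when navigated to.
ACTIVE_TYPES = {
    "text/html", "application/xhtml+xml", "text/javascript",
    "application/javascript", "application/x-javascript",
    "image/svg+xml", "text/xml", "application/xml",
}
# Types that count as JavaScript for a <script src> include under nosniff.
SCRIPT_TYPES = {"text/javascript", "application/javascript",
                "application/x-javascript", "application/ecmascript"}
# Types old browsers would content-sniff into HTML when nosniff is absent.
SNIFFABLE_TYPES = {"", "text/plain", "application/octet-stream"}


def naive_headers(filename):
    """The weak behaviour: inline delivery with a type guessed from the extension."""
    ctype, _ = mimetypes.guess_type(filename)
    return {"Content-Type": ctype or "application/octet-stream"}


def hardened_headers(filename):
    """Force a download and forbid sniffing, whatever the file claims to be."""
    base = filename.rsplit("/", 1)[-1]
    # Keep the filename parameter free of quotes, separators and path tricks.
    safe_name = re.sub(r"[^A-Za-z0-9._-]", "_", base) or "download"
    return {
        "Content-Type": "application/octet-stream",
        "Content-Disposition": f'attachment; filename="{safe_name}"',
        "X-Content-Type-Options": "nosniff",
    }


def _content_type(headers):
    return headers.get("Content-Type", "").split(";")[0].strip().lower()


def _nosniff(headers):
    return headers.get("X-Content-Type-Options", "").strip().lower() == "nosniff"


def navigates_as_active(headers):
    """Would a top-level visit to the URL render the body as HTML/script/XML?"""
    disposition = headers.get("Content-Disposition", "").split(";")[0].strip().lower()
    if disposition == "attachment":
        return False          # browser saves the file instead of rendering it
    ctype = _content_type(headers)
    if ctype in ACTIVE_TYPES:
        return True
    # Without nosniff, legacy browsers may sniff a text/plain body into HTML.
    return not _nosniff(headers) and ctype in SNIFFABLE_TYPES


def executes_as_script(headers):
    """Would <script src=URL> on an attacker's page run the body as JavaScript?

    Content-Disposition is ignored for subresource loads; only nosniff plus a
    non-script Content-Type blocks execution.
    """
    return not (_nosniff(headers) and _content_type(headers) not in SCRIPT_TYPES)


if __name__ == "__main__":
    for name in ("poc.html", "poc.js", "notes.txt"):
        weak, hard = naive_headers(name), hardened_headers(name)
        print(f"{name:10} weak: render={navigates_as_active(weak)} "
              f"script={executes_as_script(weak)} | hardened: "
              f"render={navigates_as_active(hard)} script={executes_as_script(hard)}")
```

Run it and every file served with the naive headers comes back as renderable or includable, while the hardened headers refuse both paths. The check worth keeping from this is `executes_as_script`: a service that only adds `Content-Disposition: attachment` still works as a script host for any page that includes the URL, which is the case the proof of concept above actually exercises.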
No. 1 — January 30th, 2008 at 12:31 pm
Of course, the problem is a lot deeper than that 🙂 here is a link to a paper: http://www.gnucitizen.org/blog/for-my-next-trick-hacking-web20
No. 2 — January 30th, 2008 at 12:39 pm
Nice paper 😀