Bullseye on Google: Hackers expose holes in GMail, Blogspot, Search Appliance

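Original post, 2007-09-27 02:57:00

Just as doctors will never be out of work, neither will people who work in computer security, because security problems keep evolving and multiplying like bacteria and viruses!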

From ZDNet

Google’s security model is not holding up very well to scrutiny from hackers.

In the past few days, there have been multiple disclosures of security vulnerabilities in a wide range of Google products, including a persistent e-mail theft issue affecting the widely used GMail service.

The unpatched GMail bug, which was demonstrated for me by hacker Petko D. Petkov, is particularly nasty because of the way the exploit works without any user action and the fact that it’s difficult for the average GMail user to know that e-mails are being stolen.

The victim visits a page while being logged into GMail. Upon execution, the page performs a multipart/form-data POST to one of the GMail interfaces and injects a filter into the victim’s filter list. In the example above, the attacker writes a filter, which simply looks for emails with attachments and forwards them to an email of their choice. This filter will automatically transfer all emails matching the rule. Keep in mind that future emails will be forwarded as well. The attack will remain present for as long as the victim has the filter within their filter list, even if the initial vulnerability, which was the cause of the injection, is fixed by Google.

The attack technique is known as cross-site request forgery (CSRF) and has haunted Google in the past. Earlier this year, the company was forced to correct a similar flaw after details leaked out on an issue that put GMail contact lists at risk.
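The server-side check that stops this class of forged POST, together with the filter audit that is still needed once the check is in place, as an added example that is not code from the article or from Google. The handler, field names, session id and filter records are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # assumption: per-deployment secret, kept server-side

def issue_csrf_token(session_id):
    """Token bound to one session: HMAC-SHA256(server key, session id)."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def csrf_token_valid(session_id, submitted):
    """Constant-time comparison of the submitted token with the expected one."""
    if not submitted:
        return False
    expected = issue_csrf_token(session_id)
    return hmac.compare_digest(expected.encode(), submitted.encode())

def handle_create_filter(session_id, form, filters):
    """Hypothetical handler for the state-changing 'create filter' POST."""
    # The session cookie is sent automatically on cross-site requests, so it
    # shows which account the browser is logged into, not that the user acted.
    if not csrf_token_valid(session_id, form.get("csrf_token")):
        return 403
    filters.append({"match": form["match"], "forward_to": form["forward_to"]})
    return 200

def external_forwarders(filters, own_domains):
    """Filters that forward mail outside the user's own domains (post-fix audit)."""
    return [f for f in filters
            if f["forward_to"].rsplit("@", 1)[-1].lower() not in own_domains]

def demo():
    session, filters = "sess-constructed-1", []
    # Constructed requests: the forged one carries the victim's session but no
    # token, because a page on another origin cannot read the token.
    forged = {"match": "has:attachment", "forward_to": "collector@other.example"}
    legit = {"match": "from:boss", "forward_to": "me@home.example",
             "csrf_token": issue_csrf_token(session)}
    statuses = [handle_create_filter(session, forged, filters),
                handle_create_filter(session, legit, filters)]
    # A filter planted before the fix stays in the list; only an audit finds it.
    filters.append(forged)
    return {"statuses": statuses,
            "suspicious": external_forwarders(filters, {"home.example"})}
```

The token check only prevents new injections; the audit step covers the persistence described above, where a filter planted earlier keeps forwarding mail after the endpoint is fixed.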

Google Search Appliance users at risk:

Separately, a Romanian security researcher has published details of a cross-site scripting bug affecting users of the enterprise-facing Google Search Appliance.

Mustlive, the hacker behind the Month of Search Engine Bugs project, published a proof-of-concept and a Google dork to demo the attack — and expose businesses using the search appliance.

Google (Blogspot) Polls vulnerability

A third issue has been disclosed at Beford.org to show how a cross-site scripting bug in Google’s Blogspot Polls could allow the hijacking of sensitive information.

The ‘font’ parameter was not being sanitized before being used inside a STYLE tag, so you could inject IE’s expression() and Mozilla’s -moz-binding.

Several proof-of-concepts — this one hijacks your Google contacts, this one intercepts incoming GMail — are publicly available. (IMPORTANT NOTE: clicking on those links while logged into Google Accounts might not be such a good idea).
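How a ‘font’ parameter can be validated before it is written into a STYLE block, as an added example that is not code from the article or from Blogspot. The renderer, the `.poll` selector, the fallback font and the sample inputs are assumptions constructed for illustration.

```python
import re

# One family name: a letter, then letters, digits, spaces or hyphens only.
# Quotes, parentheses, colons, semicolons, braces, slashes and backslashes are
# excluded, so neither a second declaration nor a function call can fit.
_FAMILY = re.compile(r"[A-Za-z][A-Za-z0-9 -]{0,39}")
DEFAULT_FAMILIES = ["sans-serif"]  # assumption: the widget's fallback font
GENERIC = {"serif", "sans-serif", "monospace", "cursive", "fantasy"}

def parse_font_param(value):
    """Return validated family names, or the default list if any part is invalid."""
    families = []
    for part in value.split(","):
        name = " ".join(part.split())  # collapse whitespace, trim the ends
        if not _FAMILY.fullmatch(name):
            return list(DEFAULT_FAMILIES)  # reject the whole value, never repair it
        families.append(name)
    return families[:4]  # bound the list length

def render_poll_style(font_param):
    """Hypothetical renderer: builds the STYLE block from the 'font' parameter."""
    quoted = [n.lower() if n.lower() in GENERIC else '"%s"' % n
              for n in parse_font_param(font_param)]
    return "<style>.poll { font-family: %s; }</style>" % ", ".join(quoted)

# Constructed inputs: two ordinary values and three carrying CSS or HTML syntax.
SAMPLES = [
    "Georgia",
    "Times New Roman,  serif",
    "Arial; width: expression(0)",
    "x; -moz-binding: url(placeholder)",
    "Arial</style>",
]

def demo():
    return [render_poll_style(s) for s in SAMPLES]
```

Validation is an allowlist on the characters a font name needs rather than a blocklist of known-dangerous keywords, so the check does not depend on recognising any particular browser feature.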

An exploit against Picasa

Google’s Picasa photo-sharing software and Web service is also vulnerable to an exploit scenario that uses a combination of cross-site scripting, cross-application request forgery and URI handler weakness to steal photographs from the victim’s hard drive.

Technical details of the Picasa issue have been released by Billy Rios and Nate McFeters.

Finally, there’s a cross-site scripting bug in Google’s Urchin Analytics service that can be exploited to steal user credentials. An explanation of this vulnerability has been published by Adrian Pastor.
