I woke up today to realize that GNUCITIZEN’s web server is bombarded with requests. Good that we are running from a scalable infrastructure. The reason for the storm was a recent disclosure of an apparently new Gmail bug similar to the one which I partially and then fully disclosed here, of course after working with the vendor to resolve the problem, which is always the right thing to do. [...]
Although some people might consider frame injection vulnerabilities the same as HTML injection/XSS, or even a subset of it, they really are not the same. Here is why:
There is no need to inject special control characters such as angle brackets (unlike HTMLi/XSS)
HTMLi/XSS filtering routines will not protect against frame injection, since the attacker only needs to insert a URL in the non-sanitized parameter
The best way to explain what I mean is to show an example. [...]
It is true what many of you have heard. Google is releasing their own browser. Google Chrome, as they call it, is based on the WebKit rendering engine and introduces some novel approaches to interacting with web technologies. I must say, it is very exciting to see all of this happening.
What makes Google Chrome different is its architecture. The browser is no longer a single-threaded process. Each tab is actually a separate process with its own memory space. [...]
Basically, Google allows you to use custom domains for your Google for Applications, Blogspot, Mashup Editor and of course App Engine accounts. I think this is an excellent feature and I use it for several of my domains. Although some of the Google applications ask you to verify the ownership of the domain you are about to use by instructing you to place a special CNAME record on your nameserver, others don’t. [...]
I was invited to co-author Google Hacking for Penetration Testers, Second Edition with some of the greatest minds behind enumeration and information gathering attacks and Google Hacking.
…from the book excerpt:
In this post I am going to show you how someone can remotely install a simple, persistent filter within a GMail account and download all previous as well as snoop on all future email conversations.
The following sequence of screenshots describes how the attack works.
The victim visits a malicious page while being logged into GMail. [...]
There is a trivially exploitable XSS vulnerability on Google Urchin Web Analytics 5’s login page. The vulnerability has been tested on versions 5.6.00r2, 5.7.01, 5.7.02 and 5.7.03 (latest). Previous versions are most likely to be affected as well. In case you didn’t know, Google Urchin is the installable version of Google Analytics.
I reported the issue to Google back on Jul 25 and it was confirmed by their security team. They are now working on a fix. [...]
j0hnny, Roelof Temmingh and I are currently working on the second edition of Syngress’ best-selling book Google Hacking for Penetration Testers. We are all excited about it and we hope that the second edition will be as good as or even better than the first edition, with up-to-date information on the latest Google hacks (Google Dorks) and a lot more interesting additions, which we cannot disclose at the moment. [...]
Google has become the most profitable organization on the Web, having access to millions of people’s personal information, providing free services in exchange for even more data, and dominating the Web as we know it today.
That’s for real people. Don’t try this at home! Leave it to the professionals.
The attack surface of WEB technologies has dramatically increased over the past couple of years. It is not only about WEB Applications. Today we explore client-side technologies, which also play a big part in the Web security game.
This footage, although a little bit dramatized, is not that far from the truth. [...]