Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Google Search Feature Exploitation Scenario

From: satyam pujari <satyamhax () gmail com>
Date: Sun, 10 Apr 2011 14:05:45 +0530
Thanks for that Nick , good to know , but unfortunately it's still
exploitable in 2011 :)

On Sun, Apr 10, 2011 at 2:31 AM, Nick FitzGerald
<nick () virus-l demon co uk>wrote:


satyam pujari wrote:


Here is a simple Google's "I'm Feeling Lucky" search feature exploitation
scenario.
[...]


Yawn...

That's _so_ 2007!

  http://www.virusbtn.com/resources/spammerscompendium/lucky.xml

...and I seriously doubt that was the first time it was done, just when
_I_ happened to make a note of it being actively abused in spam.

All that other stuff about free hosting sites and IFrames on
blogger.com is unnecessary implementation detail that can be achieved
multitudinous ways.



Regards,

Nick FitzGerald


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: