Full Disclosure mailing list archives

Re: Google's blacklisted url database (phishing url database)

From: "moniker monikerd" <monikerd () gmail com>
Date: Wed, 3 Jan 2007 04:21:11 +0100

i see only two possible ways for google to get this kind of data.

google toolbar
or it buys/gets this information from some isp/companies/anybody with a big
enough pipe ..




On 1/2/07, php0t <php0t () zorro hu> wrote:

>
>
>   How exactly does such data get captured? Somebody placed a link
> somewhere with the url having the user/password in it ? What would be
> the point of that? And if not, where did that come from? I peeked at
> http://www.google.com/tools/firefox/safebrowsing/faq.html to learn more
> but it only has obvious info.
>
>
>
> -----Original Message-----
> From: full-disclosure-bounces () lists grok org uk
> [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of JM
> Sent: Tuesday, January 02, 2007 11:17 PM
> To: full-disclosure () lists grok org uk
> Subject: Re: [Full-disclosure]Google's blacklisted url database
> (phishing url database)
>
>
>
> I just played around a bit with those lists and as it seems, Google did
> a splendid job, even capturing some people's login data. Like here:
> http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7753
>
> Regards,
> J.M.
> Professional Lurker
>
> >[By] "Rajesh Sethumadhavan" <rajesh.sethumadhavan () yahoo com>
> >[Date]  Dienstag, 2. Januar 2007 18:42
> >[To]  full-disclosure () lists grok org uk
> >[Subject] [Full-disclosure] Google's blacklisted url database (phishing
> url
> >database)
> >
> > It is possible to access google`s blacklisted url database ( phishing
> > url database )
> >
> > http://sb.google.com/safebrowsing/update?version=goog-black-url:1:1
> > http://sb.google.com/safebrowsing/update?version=goog-black-url:1:7998
> >
> >http://sb.google.com/safebrowsing/update?version=goog-white-domain:1:19
> ,goo
> >g-white-url:1:371,goog-black-url:1:7693,goog-black-enchash:1:15282
> >
> >
> > This database (Part of Google Safe Browsing) can be used in any
> > anti-phishing commercial softwares :)
> >
> > Regards
> > Rajesh Sethumadhavan
> > http://www.xdisclose.com
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Google’s blacklisted url database (phishing url database) Rajesh Sethumadhavan (Jan 02)
- Re: [Full-disclosure] Google’s blacklisted url database (phishing url database) JM (Jan 02)
  - Re: Google's blacklisted url database (phishing url database) php0t (Jan 02)
    - Message not available
    - Re: Google's blacklisted url database (phishing url database) moniker monikerd (Jan 02)
    - Re: Google's blacklisted url database (phishing url database) Rajesh Sethumadhavan (Jan 03)
    - Re: Google's blacklisted url database (phishing url database) Stan Bubrouski (Jan 03)
    - Re: Google's blacklisted url database (phishing url database) Nick FitzGerald (Jan 03)
    - Message not available
    - Re: Google's blacklisted url database (phishing url database) Am Razak (Jan 04)
    - Re: Google's blacklisted url database (phishing url database) Ronald MacDonald (Jan 04)
    - Re: Google's blacklisted url database (phishing url database) Raymond Dijkxhoorn (Jan 03)
    - Re: Google's blacklisted url database (phishing url database) Steve Clement (Jan 03)
    - Re: Google's blacklisted url database (phishing url database) Valdis . Kletnieks (Jan 03)