Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Add URL to Google.com Captcha Bypass

From: sandeep l337 <sandeepk.l337 () gmail com>
Date: Mon, 11 Apr 2011 11:14:53 +0530
**

This Captcha bypass allow to spammer to submit number (that May be more than
1000 Website) of websites to Google crawl by writing simple program in any
programming language.

Original link (With captcha):
www.google.com/addurl/?continue=/addurl

Bypass captcha link POC:  http://www.google.com/addurl?q=www.mysite.com&hl=&dqq=

If you execute the above URL in the browser
then it will add the new website to Google crawl database.

Following Program can be used to submit a large amount of website at a time.

Test:

http://vishalkhobare.com/sandeep/googlesploit.php

This may be small Vulnerability but still we want google to most secure! So
please try to fix. Otherwise there will be no use of captcha .


/peace

Sandeep S. Kamble

*Karma Cyber Intel *

*www.karmacyberintel.net*

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: