Full Disclosure mailing list archives

Re: Google vulnerabilities with PoC

From: "Nicholas Lemonias." <lem.nikolas () googlemail com>
Date: Thu, 13 Mar 2014 14:30:51 +0000

I suggest you to read on Content Delivery Network Architectures .

 YouTube.com populates and distributes stored files to multiple servers
through a CDN (Content Delivery Architecture), where each video uses more
than one machine (hosted by a cluster). Less populated video files are
normally stored in various colocation sites. The YouTube architecture uses
databases for storing metadata information of all uploaded files.

https://www.owasp.org/index.php/Unrestricted_File_Upload


On Thu, Mar 13, 2014 at 2:22 PM, Nicholas Lemonias. <
lem.nikolas () googlemail com> wrote:

*https://www.google.com/settings/takeout
<https://www.google.com/settings/takeout> *

*However the only problem would be to get past Content ID filtering. I
suppose encrypting an uploaded file, and obfuscating file headers may get
past YouTube's Content ID filtering. Youtube is not a File Transfer
Protocol... It's there to serve media content. *

<https://www.google.gr/#>


On Thu, Mar 13, 2014 at 1:52 PM, Pedro Ribeiro <pedrib () gmail com> wrote:

Keep in mind that YouTube allows files to be uploaded by definition. What
you have achieved is upload a file for an extension type that is not
allowed.
It is definitely a vulnerability but a low risk one since you haven't
demonstrated if it has any ill effects.

Can you somehow find the URL to where the file was uploaded? I would
guess not, since a well designed service like YouTube should hide those
details and no leak them in any way. Maybe if you are able to find that you
can combine with this vulnerability and get them to open their wallet?

Regards
Pedro
On 13 Mar 2014 11:50, "Nicholas Lemonias." <lem.nikolas () googlemail com>
wrote:

Google vulnerabilities uncovered...



http://news.softpedia.com/news/Expert-Finds-File-Upload-Vulnerability-in-YouTube-Google-Denies-It-s-a-Security-Issue-431489.shtml

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Google vulnerabilities with PoC, (continued)
- - - Re: Google vulnerabilities with PoC Alfredo Ortega (Mar 14)
    - Re: Google vulnerabilities with PoC Alfredo Ortega (Mar 14)
    - Re: Google vulnerabilities with PoC Michael Smith (Mar 15)
    - Re: Google vulnerabilities with PoC antisnatchor (Mar 14)
    - Re: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 14)
    - Re: Google vulnerabilities with PoC Michal Zalewski (Mar 13)
    - Re: Google vulnerabilities with PoC Mario Vilas (Mar 14)
    - Re: Google vulnerabilities with PoC Alfredo Ortega (Mar 14)
- Re: Google vulnerabilities with PoC Pedro Ribeiro (Mar 13)
  - Re: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 13)
    - Re: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 13)
    - Re: Google vulnerabilities with PoC Pedro Ribeiro (Mar 14)
- Re: Google vulnerabilities with PoC Georgi Guninski (Mar 15)
  - Re: Google vulnerabilities with PoC Gichuki John Chuksjonia (Mar 15)
- Re: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 13)
  - Re: Google vulnerabilities with PoC Mario Vilas (Mar 14)
- Re: Fwd: Google vulnerabilities with PoC Chris Thompson (Mar 14)
  - Message not available
    - Re: Fwd: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 14)
    - Re: Fwd: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 14)
    - Re: Fwd: Google vulnerabilities with PoC Nicholas Lemonias. (Mar 14)
    - Re: Fwd: Google vulnerabilities with PoC Chris Thompson (Mar 14)

(Thread continues...)