Full Disclosure mailing list archives

Re: Fwd: Google vulnerabilities with PoC

From: "T Imbrahim" <TImbrahim () techemail com>
Date: Sat, 15 Mar 2014 11:36:14 -0700

Is this treated with the same way that says that Remote File Inclusion is not a security issue ? 

You don't follow? Implying ? 

I understand why nobody likes Google. If I 've found a vulnerability and been treated like that for trying to help, I 
would rather sell it to the black market or to some government.

The NSA maybe is happy to buy a RFI on Google, im sure they could make good use of that. Google is very deceptive in 
security matters. 

--- lcamtuf () coredump cx wrote:

From: Michal Zalewski <lcamtuf () coredump cx>
To: TImbrahim () techemail com
Cc: pr0ix () yahoo co uk, full-disclosure <full-disclosure () lists grok org uk>
Subject: Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
Date: Sat, 15 Mar 2014 10:59:40 -0700

A hacker exploits a JSON (javascript) object that has information of interest for example holding some values for 
cookies. A lot of times that exploits the same policy origin. The JSON object returned from a server can be forged 
over writing javascript function that create the object. This happens because of the same origin policy problem in 
browsers that cannot say if js execution it different for two different sites.


To be honest, I'm not sure I follow, but I'm fairly confident that my
original point stands. If you believe that well-formed JSON objects
without padding can be read across origins within the browser, I would
love to see more information about that. (In this particular case, it
still wouldn't matter because the response doesn't contain secrets,
but it would certainly break a good chunk of the Internet.) JSONP is a
different animal.

/mz




_____________________________________________________________
Are you a Techie? Get Your Free Tech Email Address Now! Visit http://www.TechEmail.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC, (continued)
- - - Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC Mario Vilas (Mar 15)
    - Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC Stefan Jon Silverman (Mar 15)
    - Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC The Doctor (Mar 18)
    - Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC Leutnant Steiner (Mar 19)
    - Re: [SPAM] [Bayesian][bayesTestMode] Re: Google vulnerabilities with PoC Exibar (Mar 16)
- Re: Fwd: Google vulnerabilities with PoC Alfred Beese (Mar 15)
- Re: Google vulnerabilities with PoC Alfred Beese (Mar 16)
- Re: Google vulnerabilities with PoC T Imbrahim (Mar 16)
- Re: Fwd: Google vulnerabilities with PoC T Imbrahim (Mar 16)
  - Re: Fwd: Google vulnerabilities with PoC Michal Zalewski (Mar 15)
- Re: Fwd: Google vulnerabilities with PoC T Imbrahim (Mar 16)
  - Re: Fwd: Google vulnerabilities with PoC Michal Zalewski (Mar 15)
  - Re: Fwd: Google vulnerabilities with PoC Mario Vilas (Mar 17)
- Re: Fwd: Google vulnerabilities with PoC T Imbrahim (Mar 16)
  - Re: Fwd: Google vulnerabilities with PoC Michal Zalewski (Mar 15)
  - Re: Fwd: Google vulnerabilities with PoC Pedro Ribeiro (Mar 17)
    - Re: Fwd: Google vulnerabilities with PoC Źmicier Januszkiewicz (Mar 17)
    - Re: Fwd: Google vulnerabilities with PoC Pedro Ribeiro (Mar 17)
- Re: Fwd: Google vulnerabilities with PoC T Imbrahim (Mar 17)
  - Re: Fwd: Google vulnerabilities with PoC Mario Vilas (Mar 17)
    - Re: Fwd: Google vulnerabilities with PoC Gichuki John Chuksjonia (Mar 17)

(Thread continues...)