
Full Disclosure mailing list archives

Re: Fwd: Google vulnerabilities with PoC
From: Mario Vilas <mvilas () gmail com>
Date: Mon, 17 Mar 2014 11:59:54 +0100

Please stop changing hats, it's embarrassing.


On Sat, Mar 15, 2014 at 7:36 PM, T Imbrahim <TImbrahim () techemail com> wrote:

Is this treated with the same way that says that Remote File Inclusion is
not a security issue?

You don't follow? Implying?

I understand why nobody likes Google. If I've found a vulnerability and
been treated like that for trying to help, I would rather sell it to the
black market or to some government.

The NSA maybe is happy to buy a RFI on Google, I'm sure they could make
good use of that. Google is very deceptive in security matters.

--- lcamtuf () coredump cx wrote:

From: Michal Zalewski <lcamtuf () coredump cx>
To: TImbrahim () techemail com
Cc: pr0ix () yahoo co uk, full-disclosure <full-disclosure () lists grok org uk>
Subject: Re: [Full-disclosure] Fwd: Google vulnerabilities with PoC
Date: Sat, 15 Mar 2014 10:59:40 -0700

A hacker exploits a JSON (javascript) object that has information of
interest for example holding some values for cookies. A lot of times that
exploits the same policy origin. The JSON object returned from a server can
be forged over writing javascript function that create the object. This
happens because of the same origin policy problem in browsers that cannot
say if js execution is different for two different sites.

To be honest, I'm not sure I follow, but I'm fairly confident that my
original point stands. If you believe that well-formed JSON objects
without padding can be read across origins within the browser, I would
love to see more information about that. (In this particular case, it
still wouldn't matter because the response doesn't contain secrets,
but it would certainly break a good chunk of the Internet.) JSONP is a
different animal.

/mz





_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/




-- 
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”
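
The distinction drawn in the quoted reply (a well-formed JSON object without padding versus JSONP), shown as an added example that is not part of any message in this thread. The sample bodies are constructed and `cb` is a hypothetical callback name; the code treats each body as script text, which is how a page on another origin would have to load it.

```javascript
// Added illustration. Sample bodies are constructed; `cb` is a hypothetical
// JSONP callback name chosen for this example.

// Evaluate `body` as program text, the way a <script src=...> inclusion
// would, and report whether it ran and what data reached the includer.
function loadAsScript(body) {
  const received = [];
  const cb = (data) => received.push(data);
  try {
    // new Function compiles the text as statements, not as a JSON value.
    new Function('cb', body)(cb);
  } catch (err) {
    return { ran: false, error: err.name, received };
  }
  return { ran: true, error: null, received };
}

// Bare JSON object: the leading "{" opens a block statement, so the
// following "user": is a syntax error and nothing executes.
const bareJson = '{"user":"alice","id":7}';

// JSONP: the same data wrapped in a call, which is valid script text and
// hands the object to whatever function the including page defined.
const jsonp = 'cb({"user":"alice","id":7})';

function demo() {
  return { bare: loadAsScript(bareJson), padded: loadAsScript(jsonp) };
}

console.log(JSON.stringify(demo()));
```

An endpoint that returns per-user data should therefore serve it as a plain JSON object and not offer a padded (callback) variant of the same response.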