Home page logo

webappsec logo WebApp Sec mailing list archives

Re: PayPal Phishing Site Exploits Google XSS Vulnerability
From: Stelian Ene <stelian.ene () gecadtech com>
Date: Wed, 11 Jan 2006 13:59:14 +0200

Paul Laudanski wrote:
There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is thru a Google XSS attack that

That XSS attack was solved some time ago. This is simply using the well
known google.com/url?q=http://YOURURLHERE trick.
I wouldn't call this a security vulnerability, and google is certainly
not the only one affected. It's rather a social engineering scam: the
users clicks on a google link and does not expect to end up someplace
A possible "solution" would be to deny redirection for http requests
with a refereer outside google.xxx (however, links from the email client
would not generate any refereer). Or maybe pause for a few seconds and
display a warning "you are leaving google...".

This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]