Sunday, January 19, 2014

eBay's File Inclusion Vulnerability

Description
The vulnerability let the attacker run malicious code through file inclusion.
Vulnerability
Uploading files to the server.
Effect
Be creative.
Thank you eBay's security team
Big thanks to eBay's security team for fixing this issue and for the opportunity to responsibly report security risks.

Thursday, November 22, 2012

Google Stored DOM XSS Vulnerability (Malicious google.com URL)


Are Google.com domain’s links always safe to click on?

On Nov 1, 2012 I noticed something strange in Google’s producer behavior. In the beginning it was only an HTML injection. Then I succeeded in exploiting it. However, the XSS was in a sandbox domain: producer.googleusercontent.com. A few days later, I noticed that the simulations of tablets (iPhone, iPad, Android, etc.) are connected to the sandbox domain through google.com/producer. Using the Grand Access the attacker could send a malicious link that seems to be hosted on Google.com. Furthermore, the attacker could inject any DOM script he wanted.


Video: https://www.youtube.com/watch?v=R0Xto82afYI

Special thanks to Google's security team for the great support.