Thursday, November 22, 2012

Google Stored DOM XSS Vulnerability (Malicious google.com URL)


Are Google.com domain’s links always safe to click on?

On Nov 1, 2012, I noticed something strange in the behavior of Google’s producer. In the beginning it was only an HTML injection. Then I succeeded in exploiting it. However, the XSS was in a sandbox domain: producer.googleusercontent.com. A few days later, I noticed that the simulations of tablets (iPhone, iPad, Android, etc.) are connected to the sandbox domain through google.com/producer. Using the Grant Access feature, the attacker could send a malicious link that seems to be hosted on Google.com. Furthermore, the attacker could inject any DOM script he wanted.


Video: https://www.youtube.com/watch?v=R0Xto82afYI

Special thanks to Google's security team for the great support.
