| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue Jul 11 03:21:21 2006 From: cumhuronat at gmail.com (cumhur onat) Subject: Google PR Mechanism Possible Vulnerability PageRank is a formula developed by Google Search Engine to determine a web pages "inbound link ranking" which affects its postion in search results. To keep it basic we can say the more inbound link your webpage has, the higher is its pagerank. As you all can guess, the inbound links are calculated during the crawling process of googlebot. The trick comes to place in this part. Lets say we have a page A, and a page B which is indexed by Google and another page C which we dont own. What if we put some links like below on the "Page B": <a href=" http://www.pagec.com/somepagewithxss.php?i=%3E%3Ca%20href%3D%22http%3A//www.pagea.com/pagea.html%22%3Euberalle%3C/a%3E "></a> As you guess when googlebot will follow the link on Page B and index page C, it will see a link like: <a href="http://www.pagea.com/pagea.html">uberalle</a> And so inbound link count of "Page A" will increase, which will finally increase the PR of "Page A" with the repeat of this process with different pages that contains css flaws. All this information is theoretic, and I never had time to spend for trying this. You can find the original version of this advisory on: http://www.hoccam.com/pr.html Cumhur Onat cumhuronat@....net cumhuronat@...il.com -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060711/b5598495/attachment.html
Powered by blists - more mailing lists